October 2009
S M T W T F S
« Sep   Nov »
 123
45678910
11121314151617
18192021222324
25262728293031

Legal Disclaimer

Your use of this Blog does not create an attorney-client relationship. Your e-mail or comments do not create an attorney-client relationship. We have no duty to keep confidential the information that is submitted to this blog. This blog is not a substitute for, nor does it constitute legal advice. Only an attorney who knows the details of your particular situation and is properly licensed in the applicable state (or states) is able to appropriately and properly address any legal issues you may have.

Blog Categories

HHS announced proposed rulemaking to modify the HIPAA privacy rule to comply with Section 105 of Title I of the Genetic Information Nondiscrimination Act of 2008 (GINA)

By Robert Hudock, on October 15th, 2009 Print This Post Print This Post

On October 7, 2009 HHS announced proposed rulemaking to modify the HIPAA privacy rule to comply with Section 105 of Title I of the Genetic Information Nondiscrimination Act of 2008 (GINA) regarding the privacy and confidentiality of genetic information. Generally, the HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The HIPAA Privacy Rule requires a covered entity (and beginning next year Business Associates) to implement reasonable and appropriate administrative, technical and physical safeguards to protect the privacy of personal health information (PHI). The HIPAA privacy rule more generally sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request [...]

October 15th, 2009 | Tags: , , , , | Category: Deidentified Health Information, Federal Agencies, Genetic Information Nondiscrimination Act of 2008, HIPAA Privacy, HITECH Act, Health and Humans Services (HHS), Office of Civil Rights, Privacy, Privacy Law, State Privacy and Computer Security Laws, anonymization | Leave a comment Print This Post Print This Post

Four Members of Congress Complain to Secretary of HHS About the Harm Standard

By Robert Hudock, on October 12th, 2009 Print This Post Print This Post

Generally in the event of a “breach” of “unsecured” PHI, a covered entity must notify each individual whose unsecured PHI has been, or is reasonably believed to have been, breached. (45 C.F.R. § 164.404(a)(1).) Despite the obvious utility of the new harm standard, a few privacy advocates (and four United States congressmen) have expressed displeasure with the new HHS harm standard. An October 1st letter from congressional leaders sent to HHS Secretary Sebelius argues that the ARRA did not imply a harm standard in the breach notification requirements, and requests that HHS repeal the harm standard that was included in the interim final regulations on Breach Notification for Unsecured Protected Health Information. [...]

October 12th, 2009 | Tags: , , , , , , , , , , | Category: HIPAA Security, HITECH Act, Health Reform, Health and Humans Services (HHS), Privacy | 4 comments Print This Post Print This Post
Improve the web with Nofollow Reciprocity.