Archive for April, 2009

HHS & FTC Release Guidance On HITECH Act Data Breach Rules for HIPAA Covered Entities & Entities Dealing With Personal Health Records

On April 17, 2009, the Department of Health & Human Services (“HHS”) released its initial guidance (the “HHS Guidance”) to health care providers, health plans and health care clearinghouses and their business associates (“HIPAA Covered Entities”) about when the new data breach notification rules (“UPHI Breach Notice Rules”) added to federal law under the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) will require the HIPAA Covered Entity to provide notification of breach of the security of “unsecured protected health information” (“Unsecured PHI”).

Concurrently, the Federal Trade Commission (“FTC”) released proposed regulations (the “FTC Rules”) to implement new health information data breach and other health information privacy and security mandates included in the HITECH Act for non-HIPAA Covered Entities providing or accessing personal health records and certain other consumer health information (“PHR”). The enactment of the new data breach requirements are only one of a series of new developments that have significantly increased the risks and responsibilities of covered entities and others who handle PHI and other personal health information. These developments make it imperative that these entities act promptly to manage their data security exposures by updating their policies and procedures in response to the HITECH Act requirements and other HIPAA and other privacy and data security developments.

Advertisements

Continue Reading April 18, 2009 at 9:42 pm

FTC Proposes Data Breach Regulations For Personal Health Records, HHS Separately Releases Guidance For HIPAA Covered Entities On New Data Breach Rules

The Federal Trade Commission (“FTC”) today (April 17, 2009) proposed rules (the “FTC Regulation”) to govern the implementation of a federal mandate adopted by Congress which will require certain vendors and other entities maintaining or interfacing with personal health records to notify individuals when the security of their individually identifiable health information is breached enacted as part of the American Recovery and Reinvestment Act of 2009 (“ARRA”) signed .into law on February 17, 2009. The FTC Regulation will apply to entities that currently are not considered health care providers, health plans and healthcare clearinghouses (“HIPAA Covered Entities”) subject to the privacy and security standards for protected health information (“PHI”) established by the Health Insurance Portability & Accountability Act of 1996 (“HIPAA”).

Continue Reading April 17, 2009 at 11:02 pm

New National Health IT Coordinator Releases Free Software To Help Health Care Providers Connect To Nationwide Health Information Network

As a first step to help public and private health information technology systems communicate to the Nationwide Health Information Network (NHIN), the Office of the National Coordinator for Health Information Technology (ONC) is making free software, called CONNECT, and supporting documentation available for use by health care providers.

Continue Reading April 7, 2009 at 2:18 am


April 2009
S M T W T F S
« Mar   May »
 1234
567891011
12131415161718
19202122232425
2627282930  

Recent Posts

Share this blog

Bookmark and Share
April 2009
S M T W T F S
« Mar   May »
 1234
567891011
12131415161718
19202122232425
2627282930