Archive for April 18, 2009

HHS & FTC Release Guidance On HITECH Act Data Breach Rules for HIPAA Covered Entities & Entities Dealing With Personal Health Records

On April 17, 2009, the Department of Health & Human Services (“HHS”) released its initial guidance (the “HHS Guidance”) to health care providers, health plans and health care clearinghouses and their business associates (“HIPAA Covered Entities”) about when the new data breach notification rules (“UPHI Breach Notice Rules”) added to federal law under the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) will require the HIPAA Covered Entity to provide notification of breach of the security of “unsecured protected health information” (“Unsecured PHI”).

Concurrently, the Federal Trade Commission (“FTC”) released proposed regulations (the “FTC Rules”) to implement new health information data breach and other health information privacy and security mandates included in the HITECH Act for non-HIPAA Covered Entities providing or accessing personal health records and certain other consumer health information (“PHR”). The enactment of the new data breach requirements are only one of a series of new developments that have significantly increased the risks and responsibilities of covered entities and others who handle PHI and other personal health information. These developments make it imperative that these entities act promptly to manage their data security exposures by updating their policies and procedures in response to the HITECH Act requirements and other HIPAA and other privacy and data security developments.

Advertisements

Continue Reading April 18, 2009 at 9:42 pm


April 2009
S M T W T F S
« Mar   May »
 1234
567891011
12131415161718
19202122232425
2627282930  

Recent Posts

Share this blog

Bookmark and Share
April 2009
S M T W T F S
« Mar   May »
 1234
567891011
12131415161718
19202122232425
2627282930