On Thursday, HHS proposed modifications to the 1996 HIPAA privacy and security rules to incorporate changes Congress included in the 2009 federal economic stimulus package, Modern Healthcare reports.
Proposed Adjustments
The draft rule would allow patients to restrict certain disclosures to health plans and prohibit personal information from being sold without their consent (Conn, Modern Healthcare, 7/8).
The rule also proposes treating billing companies, customer service contractors and other businesses the same as physicians, hospitals and insurers, which would subject them to fines and penalties if they violate privacy regulations.
Earlier this year, HHS significantly increased the maximum penalty for HIPAA violations, to $50,000 per violation and $1.5 million annually (Lentz, Reuters, 7/8).
The proposed rule also would:
Reasoning Behind Rule; Next Steps
The proposed changes were mandated by the HITECH Act, which was included in the economic stimulus package and designed to encourage hospitals and physicians to adopt electronic health records (Reuters, 7/8).
According to a statement released by National Coordinator for Health IT David Blumenthal and OCR Director Georgina Verdugo, “This rulemaking will strengthen the privacy and security of health information, and is an integral piece of the administration’s efforts to broaden the use of health information technology in health care today” (Gruenwald, “Tech Daily Dose,” CongressDaily, 7/8).
The Office of the National Coordinator for Health IT is developing a final regulation to ensure that electronic health records are capable of complying with the new HIPAA privacy and security requirements (Robinson, Government Health IT, 7/8).
The draft rule is open for public comment for 60 days, beginning July 14 (Modern Healthcare, 7/8).
Source: iHealthBeat
Comments are closed.
Copyright 2015 - Pulse Practice Solutions | 615.425.2719