Health Information Management

HHS: HIPAA regulations to come this month

HIM Connection, May 4, 2010

Want to receive articles like this one in your inbox? Subscribe to HIM Connection!

The timing of the release of proposed HIPAA regulations per the HITECH Act became a little clearer last week.

HHS released its semi-annual regulatory agenda in the Federal Register April 26 and indicated that modifications to the HIPAA privacy, security, and enforcement rules will be coming in May.
 
HHS did not detail exactly which proposed rules it would release. But  the Office for Civil Rights, which enforces the HIPAA privacy and security rules, has said forthcoming regulations include:
  • Business associate liability
  • New limitations on the sale of personal health information, marketing, and fundraising communications
  • Stronger individual rights to access electronic medical records and restricting the disclosure of certain information
Earlier this month, HHS sent regulations per HITECH requirements to the Office of Information and Regulatory Affairs (OIRA) for review, according to privacy and security experts. OIRA has 90 days to review the regulations, though the head of the submitting agency can extend that time and OIRA may request a one-time 30-day extension, says Jana Aagaard of the Law Office of Jana Aagaard in Carmichael, CA.
 
The industry has been waiting on rules from OCR concerning HITECH provisions that became effective February 17. Until last week, neither HHS nor OCR had provided any specific timeline on the release of regulations.
 
Editor’s note: The article was originally published on the HCPro HIPAA Update blog. Visit the blog to see the latest HIPAA news and access other free HIPAA resources.



Want to receive articles like this one in your inbox? Subscribe to HIM Connection!

Most Popular

Related Articles