• E-mail
• Print
• RSS

Digesting the HIPAA proposed rule: Part III

HIPAA Weekly Advisor, August 23, 2010

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

Editor’s note: This is the third in a series of articles breaking down the Department of Health & Human Services (HHS) HIPAA proposed rule published in the Federal Register July 14.
 

The following items are courtesy of Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, of Rebecca Herold & Associates, LLC, of Des Moines, IA. Herold will serve as one of the speakers of the HCPro, Inc. audio conference, “HIPAA’s New Proposed Rule: Prepare for Changes to Privacy, Security and Enforcement Regulations,” Tuesday, August 31:

• No protection of PHI for those who have been deceased for more than 50 years. According to the proposed rule, this change will reduce the burden on both covered entities and on those seeking the protected health information (PHI) by eliminating the need to search for and find the decedent’s personal representative to authorize the disclosure. HHS believes this change will benefit family members and historians who want access to this medical information for personal and public interest reasons.
• Required changes to the Notice of Privacy Practices (NPP). This will require changes throughout all the covered entities (CEs), Herold says. “The trick will be how to get the wording to a point where the average patient/consumer can understand what it is saying,” she says. “This has been a problem in the past.” The proposed amendments to the NPP would include:
  • Language about the use and disclosures of PHI that would require an authorization under the proposed rule
  • Changes to language regarding the CE contacting an individual to provide appointment; contacting the individual for fundraising; or to disclose information to the health plan
     

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

• E-mail to a Colleague
• Print
• RSS
• Archive