Corporate Compliance

OCR submits HITECH HIPAA reports to Congress

Compliance Monitor, September 7, 2011

The Department of Health & Human Services (HHS) submitted two reports to Congress as required by the HITECH Act — one on breaches of HIPAA privacy and security and another on HITECH and privacy and security compliance.

HITECH requires the HHS Secretary to submit an annual report to Congress containing the number and types of breaches reported to the Secretary, and HHS’ actions in response to those breaches. HHS already lists breaches on its website.

The report on breaches provides an overview of the breach notification requirements and a discussion of the reports the Secretary received as a result of these new requirements of the breaches that occurred in calendar years 2009 and 2010.

HITECH also requires the Secretary to submit an annual report to Congress regarding compliance with the HIPAA Privacy and Security Rules. That compliance report summarizes complaints received by HHS of alleged violations of the provisions of Subtitle D of the HITECH Act, as well as of the HIPAA Privacy and Security Rules at 45 CFR Parts 160 and 164.

Most Popular