The Department of Health and Human Services (HHS) is aiming to release its long-awaited (and consolidated) Final Rule on the HIPAA privacy and security rules by the end of 2011, it was announced by Susan McAndrew, deputy director in the HHS Office for Civil Rights (OCR).

The revamped regulations for the privacy and security rules were mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. The year-end rule will provide for data breach notification, strengthen HIPAA enforcement, and expand other privacy and security protections.

McAndrew said a separate rule will be issued to allow patients access to who has viewed their medical information. This rule, she said, will be released in advance of Final Rule.

To better understand both HITECH and HIPAA (Health Insurance Portability and Accountability Act), please visit Personnel Concepts' online HIPAA and COBRA Compliance repository.