The HIPAA/HITECH Megarule Published and in Effect March 26

The U.S. Department of Health and Human Services (HHS) moved forward today to strengthen the privacy and security protections for health information established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).  The final omnibus rule, published today in the Federal Register, greatly enhances a patient’s privacy protections, provides individuals new rights to […]

Read the rest of this entry »
GoTo top Top

HHS Proposes Expansion of Individuals’ Right to ‘Access Reports’ on Their Medical Data

The Department of Health and Human Services (HHS) is currently receiving public commentary on a proposed rule to expand the right of individuals to demand and receive "access reports" identifying who accessed their protected health information and why. Under the Health Insurance Accountability and Portability Act (HIPAA) of 1996, individuals currently have a right to […]

Read the rest of this entry »
GoTo top Top

HHS to Audit 150 Firms for HIPAA Privacy and Security Standards Under ARRA

The Department of Health and Human Services (HHS), through its Office of Civil Rights (OCR), has awarded a $9-million contract to KPMG to help audit 150 covered entities and business associates for adherence to HIPAA security and privacy standards. According to language in the contract, "Site visits conducted as part of every audit would include […]

Read the rest of this entry »
GoTo top Top

HHS to Release Final HIPAA Privacy, Security Rules by Year-End

The Department of Health and Human Services (HHS) is aiming to release its long-awaited (and consolidated) Final Rule on the HIPAA privacy and security rules by the end of 2011, it was announced by Susan McAndrew, deputy director in the HHS Office for Civil Rights (OCR). The revamped regulations for the privacy and security rules […]

Read the rest of this entry »
GoTo top Top

Data Breaches Now Affect 10 Million Americans, OCR Reports

The Office of Civil Rights (OCR), the unit of the Department of Health and Human Services (HHS) responsible for monitoring health information breaches, recently reported that the total number of Americans affected by large data breaches has surpassed 10 million individuals. With the enactment of the Health Information Technology for Economic and Clinical Health Act […]

Read the rest of this entry »
GoTo top Top

HHS Sends Disclosure Rule to OMB for Review, Expands Patients’ Rights

The Department of Health and Human Services (HHS), despite a health industry outcry, has forwarded to the Office of Management and Budget (OMB) a proposed rule allowing patients to request information about the disclosure of their protected health information (PHI). An OMB review can take anywhere from one to 90 days to complete. After that, […]

Read the rest of this entry »
GoTo top Top

Inflation Stays Flat, and So Do Retirement Savings Limits

The Internal Revenue Service (IRS) has announced dollar limits for tax-deferred retirement savings accounts for 2011, and, reflecting a flat cost-of-living index for 2010, has left those limits virtually unchanged for the new year. For instance, the limit for 401(k), 457(b) and 403(b) plans remains unchanged at $16,500, with health savings accounts (HSA) holding steady […]

Read the rest of this entry »
GoTo top Top

Suspended Breach Notification Rule Remains in Effect

Though on Aug. 4 it withdrew its Interim Final Rule regarding HIPAA security breach notifications, the Department of Health and Human Services (HHS) has since clarified on its Web site that the suspended rule of Sept. 23, 2009, remains in effect. "This is a complex issue and the Administration is committed to ensuring that individuals’ […]

Read the rest of this entry »
GoTo top Top

HHS Suspends Breach Rule for Further Review

Coming under criticism for allowing covered entities (in this case, those health care providers and others who maintain health records) to police themselves in matters of maintaining the privacy of Protected Health Information (PHI), the Department of Health and Human Services (HHS) has withdrawn its breach rule of September 2009. The already-in-effect interim final rule, […]

Read the rest of this entry »
GoTo top Top

Health Worker Becomes First HIPAA Inmate

There are some cautionary tales and lessons in the strange case of Huping Zhou, 47, who once worked for the UCLA Health System–until he was fired for poor performance–and who now finds himself facing hard time for HIPAA privacy violations. Here’s where it gets strange for both UCLA and the Chinese surgeon. First, UCLA gave […]

Read the rest of this entry »
GoTo top Top