Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Tag Archives: Electronic Health Records

HHS (Finally!) Issues Proposed HIPAA Privacy & Security Rule Changes

Posted in Legislation

The long-awaited proposed changes to the HIPAA Privacy Rules have finally been released by the Department of Health and Human Services (HHS). A joint statement issued today by the HHS and the Office of Civil Rights (OCR) says that the proposed regulations “would expand individuals’ rights to access their information and restrict certain disclosures of… Continue Reading

Proposed HITECH Regulations Out in May?

Posted in Legislation

Buried in a part of today’s Federal Register was the publication of the Department of Health and Human Services’ regulatory agenda. The agenda presents a forecast of expected HHS rulemaking activities and suggests that in May of this year HHS will issue the long-awaited proposed rules to modify the HIPAA Privacy, Security, and Enforcement Rules… Continue Reading

Privacy and Security Bits and Bytes

Posted in Data Breach

Our Friday afternoon feature — Virginia Adds Medical Information Breach Law – The Commonwealth of Virginia has amended its data breach notification law to include breaches of medical information. For the text of the amendment, link here. Even if the data is encrypted, the law requires notice if the breach involved a person with access… Continue Reading

HHS Announces Delay in Enforcement of HITECH Rules as Applied to Business Associates

Posted in Legislation

As we have discussed before, HHS’s Office of Civil Rights has let it be known that a proposed rule implementing the HITECH Act’s privacy and security provisions as they apply to business associate liability is in the works. The proposed rule will also deal with new limitations on the sale of protected health information, marketing,… Continue Reading

Data Privacy Day Tip #2 – HITECH Act

Posted in Legislation

Written by Dianne BourqueEffective February 17, 2010, significant new compliance obligations will be imposed on business associates through the HITECH provisions of the American Recovery and Reinvestment Act of 2009 (“ARRA”). Business associates (or organizations that use or disclose protected health information on behalf of covered entities subject to HIPAA) will be directly liable for… Continue Reading

New Regulations Propose a Definition of ‘Meaningful Use’

Posted in Legislation

Written by Dianne On December 30, 2009, the Centers for Medicare & Medicare Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) issued interim final rules necessary to implement electronic health record (EHR) incentive programs enacted under the American Recovery and Reinvestment Act of 2009. The ONC rule sets initial… Continue Reading