FROM THE FOUNDATION

Big Business, Little Data

A growing number of Californians are being sent to ambulatory surgery centers for a wide variety of procedures, yet little is known about the care they deliver because reporting is not required.

And the Winner Is...

See how human-centered designers answered our challenge to encourage more people to complete advance directives and document their end-of-life wishes.

Ready or Not

Even with new federal resources to help, a study finds that communities with weaker safety-net systems are lagging in preparations for health reform.

Privacy

Friday, January 18, 2013

HHS Unveils Final Rules Expanding, Updating HIPAA Provisions

On Thursday, HHS released four final rules expanding and updating the Health Insurance Portability and Accountability Act, Modern Healthcare reports.

The rules -- called for under the 2009 federal economic stimulus package's HITECH Act and the Genetic Information Nondiscrimination Act -- implement tougher privacy and security provisions. The rules:

  • Clarify when breaches must be reported to HHS' Office for Civil Rights;
  • Establish new standards for the use of patient-identifiable information for fundraising and marketing;
  • Expand liability to "business associates" of hospitals and other "HIPAA-covered entities," such as data miners and health information technology service providers (Conn, Modern Healthcare, 1/17); and
  • Raise the maximum penalty for noncompliance to $1.5 million per violation (Bowman, FierceHealthIT, 1/17).

According to HHS, the rules stemmed in part from an executive order that directed HHS to conduct a retrospective review of existing regulations to determine ways to reduce costs and increase flexibility under HIPAA (Sullivan, Government Health IT, 1/17).

HHS Secretary Kathleen Sebelius said the rules "will help protect patient privacy and safeguard patients' health information in an ever expanding digital age."

The long-awaited rules were accepted by the Office of Management and Budget in March 2012 and were expected to be published last summer (FierceHealthIT, 1/17).

Reader Comments:
  • 2
  • 01/25/2013
  • kerry pay

I am disabled because a back surgeon damaged leg nerve during 9 hour surgery that was to have been only 4 hours and surgeon DID NOT RECORD IN MEDICAL RECORDS COMPLICATIONS I SUFFERED THAT HE CAUSED. All doctors that have made mistakes have changed what they have written into my medical record to protect themselves from liability and DO NOT CARE about how I (patient)will in future get medical care because of doctors mistakes covered up. None of my doctors have every taken the time to think through my symptoms and causes to try to heal me. I have had to be my own doctor and investigate all my medical issues on the internet reading medical journal articles and then inform doctor. Doctors do not take the time anymore to analyze medical symptons to reach a correct medical diagnosis. They continuously make errors that I have to correct becoming more ill. Am now slowly dying from lack of competent medical analysis.

  • 1
  • 01/25/2013
  • kerry pay

When going to a new doctor I write on all forms my medical information cannot be sent to ANYONE until I view and verify accuracy entered by doctors because EVERY DOCTOR I HAVE SEEN IN CALIFORNIA cannot write correctly what has been discussed between doctor and myself. I just had another doctor fail to correctly record what was discussed as well as this doctor releasing my medical records to another doctor that I had "fired" for incompetence and personally handed to this doctor why I now have to voice record office visits because past doctors CANNOT WRITE CORRECT MEDICAL RECORDS WHICH HAS INJURED ME GRAVELY. Doctors do not respect my request and they think they are "gods with no accountability for writing correct medical records" because no doctor in Calif fears consequences because there are NO CONSEQUENCES FOR WRITING BAD MEDICAL RECORDS. I have had to report every doctor I HAVE SEEN to Calif Medical Board. No laws punishing doctors for incorrectly writing bad medical records.



Readers are invited to send feedback to: chl@chcf.org