HIPAA Final Rule: Genetic Information Nondiscrimination Act: Underwriting Prohibitions

February 18, 2013.  Today, we examine underwriting prohibitions as they relate to modifications of the HIPAA Privacy Rule required under the Genetic Information Nondiscrimination Act (GINA). These modifications are in the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. The Final Rule states:  “The final rule…

READ MORE

HIPAA Final Rule: Genetic Information Nondiscrimination Act (GINA) Definitions

February 15, 2013.  Today, we present several new definitions relating to the Genetic Information Nondiscrimination Act (GINA), which addressed the application of the HIPAA Privacy Rule to genetic information.  The definitions are in the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. The Final Rule states: …

READ MORE

HIPAA Final Rule: Breach Notification Guidance Safe Harbor

January 30, 2013.  Today, we look at the definition of unsecured protected health information and the Guidance Specifying the Technologies and Methodologies that Render Protected Health Information Unusable , Unreadable, or Indecipherable to Unauthorized Individuals [“Guidance”] as discussed in the January 25, 2013 Final Rule: Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under the Health Information Technology for Economic and Clinical Health Act [HITECH Act]; Other Modifications to the HIPAA Rules.  The Final Rule becomes effective on March 26, 2013, and requires compliance by covered entities and business associates on September 23, 2013. Here is the definition of unsecured protected health information: “protected health information that is…

READ MORE

Final HIPAA/HITECH Act Privacy, Security, Enforcement, Breach Notification Rules Published in Federal Register January 25, 2013.

January 25, 2013.  The Final Rule is published, at last!  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules; Final Rule cleared the Office of Management and Budget on January 16, was issued online on the Federal Register’s Electronic Public Inspection Desk in pre-publication format on January 17, and published in the Federal Register today.  The Final Rule is 136 pages (pp.5566-5702).  The effective date of the Final Rule is Tuesday, March 26, 2013, and the compliance date is Monday, September 23, 2013. Here is the…

READ MORE

OCR of HHS FINALLY Issues HIPAA/HITECH Act Privacy, Security, Enforcement, and Breach Notification Modifications Final Rule

January 18, 2013. On January 16, 2013, the Office of Management and Budget (OMB) completed its EO 12866 regulatory review of RIN:  0945-AA03, and the long-awaited release of the Department of Health and Human Services’ Office for Civil Rights (OCR) so-called “Omnibus” Final Rule was published at 4:15 PM on January 17, 2013, in pre-publication final draft form on the Federal Register’s Electronic Public Inspection Desk.  Publication in the Federal Register is scheduled for Friday, January 25, 2013.  The title of the Final Rule is:  45 CFR Parts 160 and 164:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under the Health Information Technology for Economic and…

READ MORE

Finally, HIPAA/HITECH Act Privacy, Security, Breach Notification, Enforcement Final Rules at OMB

March 24, 2012.   Today, the Office of Information and Regulatory Affairs at the Office of Management and Budget (OMB) in the Executive Office of the President showed that it had received the much-delayed Department of Health and Human Services (HHS) Office for Civil Rights (OCR) Final Rules entitled:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (RIN:  0945-AA03). Following review by OMB, the rules will be published in the Federal Register, most likely in April if OMB’s review is timely. The Abstract of the Rules reads:  “The Department of Health and Human Services Office for Civil Rights will issue final rules to modify the HIPAA Privacy, Security,…

READ MORE