Changes Proposed to HIPAA Privacy, Security, and Enforcement Rules

The U.S. Department of Health and Human Services ("HHS") issued new proposed rules to modify and strengthen the Health Insurance Portability and Accountability Act (HIPAA) privacy, security, and enforcement rules and implement new requirements for business associates of HIPAA-covered entities. The purpose of the new rules is to implement recent statutory amendments under the Health Information Technology for Economic and Clinical Health Act (HITECH Act), which was enacted as part of the American Recovery and Reinvestment Act of 2009 (ARRA), to strengthen the privacy and security protection of health information, and to improve the workability and effectiveness of these HIPAA rules.

The compliance date will generally be 180 days after final rules are published, although some provisions may have different compliance dates. The proposed rules would:

  • expand individuals' rights to access their health information and restrict certain types of disclosures of protected health information (PHI) to health plans

  • require business associates of HIPAA-covered entities to be under most of the same rules as covered entities 

  • set new limitations on the use and disclosure of PHI for marketing and fundraising 

  • prohibit the sale of PHI without participant authorization

According to an HHS press release, entities that are not covered by the HIPAA rules will also be examined more closely to understand better how they handle PHI and to determine whether additional privacy and security protections are needed for these entities.

A recently launched HHS privacy website helps visitors easily access information about existing HHS privacy efforts and the policies supporting them.

As new information is issued on health reform, Conner Strong will issue alerts and updates. Should you have any questions, please contact your Conner Strong representative toll-free at 1-877-861-3220.



Related Posts

See All

Guidance on Extension of COVID-19 Outbreak Period

Last year, federal agencies announced timing extensions for a host of deadlines for plans and participants that apply during the COVID-19 “Outbreak Period”. The defined Outbreak Period was intended to

American Rescue Plan Passed in the US House

The US House of Representatives on Saturday passed President Biden’s $1.9 trillion “American Rescue Plan”. Republicans unanimously opposed the bill, and all but two Democrats voted in favor of the bil

© 2020 by Conner Strong & Buckelew