Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!
    Email Address:
We never sell or give out your contact information. We respect our readers' privacy.

August 21, 2009

HIPAA Breach Notification Final Rule Released By HHS

Written by:
Filed under: add to del.icio.us


Yes, this website is called EMR and HIPAA, but as you can tell from the content I’m much more interested in EMR than I am in HIPAA. Although there is certainly some correlation.

That said, I think there’s some interesting things happening with HIPAA that people need to be aware of. HHS released the Breach Notification Final Rule. Healthcare POV said the following about the rule:

The Department of Health and Human Services (HHS) has released a final rule on breach notification requirements for covered entities (CEs) and business associates (BAs). Published in the Federal Register, the rule dictates proper procedure for responding to a breach, including when notification is required, who to tell and how to dispense that information. The rule also reiterates and clarifies recommended methods of data encryption.

The announcement came 2 days after the Federal Trade Commission (FTC) released its breach notification final rule, which covers personal health record vendors and other non-HIPAA CEs. HHS consulted with FTC on requirements and asked the public for input through a request for information released earlier this year.

The link above has more analysis of these changes as well. I’ll admit that I’m not an expert in this area. Anyone else who cares to chime in on the impact of these changes, I’d love to hear about it in the comments or even a guest blog post if someone’s interested.

Related Articles
  • Guest Post: Expect New Rules to Expand Notification – Current State of HIPAA Breach Notification
  • Guest Post: Small Breaches Still Reportable – Current State of HIPAA Breach Notification
  • Guest Post: Current State of HIPAA Breach Notification – Notify Patients…or Not?
  • HIPAA Enforcement Security Rule Final Publish
  • Guest Post: Over-Notifying Also Carries Risk – Current State of Breach Notification

  • » EMR and HIPAA Sponsors
    • Get the Free EMR and HIPAA Email Newsletter:
    Email Address:
    Tags:

    Look for similar articles under these categories: 

    2 responses to "HIPAA Breach Notification Final Rule Released By HHS"

    1. # Dorian commented on August 23rd, 2009:

      All those large organizations that hold priceless data should be aware of the risks. Many have recently started to enforced mandatory encryption of significant data. There are a few options, but the easy one is to use Secure USB Flash Drive that really works great. If you must give your details, make sure that it’s protected!

    2. # Carol commented on April 30th, 2010:

      If anyone can refer me to a lawyer in Oregon willing to sue for multiple flagrant violations of HIPAA law, I would appreciate it. Please email me at: happy.leo@verizon.net.

    Leave a Reply
    Commenting policy: Some comments run the risk of being deleted. These include comments that are spam or cannot be understood or are rude.
    You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    Notify me of followup comments via e-mail. You can also subscribe without commenting.



    • Top - Home