The U.S. Health and Human Services Department has announced the final security rules under the Health Insurance Portability and Accountability Act of 1996. The rules are designed to safeguard the privacy of individually identifiable health information.
HHS director Donna Shalala said the department had received more than 52,000 comments from the public since the proposed rules were published last year, resulting in several changes in the final version released yesterday.
For example, paper medical records will now be included in the protected information, along with oral and electronic records. The final rules also require most providers to get patients' consent for routine use and disclosure of health records. The proposed version would have allowed routine disclosure without advance consent.
In addition, the final rules allow full disclosure of records for the purposes of treatment, rather than the much narrower medical necessity standard that had been proposed. The published rules also add protection against the unauthorized use of medical records for employment purposes. The HHS Office for Civil Rights will enforce the regulations, according to the department.
By AuntMinnie.com staff writersDecember 21, 2000
Related Reading
HIPAA hopefuls get religion from privacy guru, December 11, 2000
Encryption is key to medical data security, September 19, 2000
Biometrics comes of age as security takes center stage, September 19, 2000
New HIPAA rules portend sweeping changes in medical data security, June 27, 2000
Copyright © 2000 AuntMinnie.com