Issue Background


HHS Publishes HIPAA Guidance Document

The U.S. Department of Health & Human Services recently published a “Guide to Privacy and Security of Health Information” for physicians and healthcare providers. The guide is a valuable resource, containing tips for compliance, and providing links to a wealth of information.


Federal Government Begins HIPAA Privacy & Security Audits

The HITECH Act requires the US Department of Health & Human Services to audit covered entities for compliance with HIPAA’s Privacy and Security Rules and the breach notification standards. To that end, the Office of Civil Rights (which is the enforcing authority) will begin a pilot program to perform 150 audits beginning in November and ending December 2012. Practices are urged to review their HIPAA and HITECH programs for compliance. Read more ...


HIPAA: Rulemaking on Patients Rights to Access Disclosure to PHI

This week, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) proposed changes to the HIPAA Privacy Rule that would allow patients to obtain a report on who has electronically accessed their protected health information (PHI). The proposed rule would allow patients to request an access report that would document who has electronically accessed and viewed their PHI. Comments are due on August 1, 2011.

Read the HHS press release. Read a summary of the proposed rule.