The U.S. Department of Health and Human Services (“HHS”) has announced proposed changes (the “Proposed Rule”) to 42 C.F.R. Part 2 (“Part 2”). While the Health Insurance Portability and Accountability Act (“HIPAA”) governs the privacy and security of protected health information generally, Part 2 specifically governs the medical records of federally assisted substance use treatment programs (“SUD Records”).
The Office for Civil Rights (“OCR”) issued a request for information (“RFI”) to assist OCR in identifying provisions of the Health Insurance Portability and Accountability Act (“HIPAA”) privacy and security regulations (the “HIPAA Rules”) that may impede the transformation to value-based health care or that limit or discourage coordinated care among individuals and covered entities without meaningfully contributing to the protection of the privacy or security of individuals’ protected health information (“PHI”).
Continue Reading OCR Seeks Ideas on HIPAA Rule Changes to Promote Value-Based Care and Coordinated Care
This follows the blog article posted November 28, “Connection and Innovation Take Center Stage at the Patient ENGAGE Conference” and is the second feature regarding the MedCity ENGAGE conference Nov. 6-7 in San Diego. Here, we focus on the aspects of the conference that explored the impact of technology on patient engagement, from wearables to DNA sequencing, to apps used by insureds to quit smoking while reducing insurance premiums in the process.
Continue Reading Patient Empowerment Through Technology is Focus of ENGAGE Conference
A single, multidisciplinary entity, like a university, may include certain departments that use PHI, and other departments that do not. Such institutions are eligible to (and should) self-identify as “hybrid entities” to better manage HIPAA compliance risk.
The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”) mandates privacy and security safeguards for information about an individual’s health status, care, or payment for care. Individuals, organizations, and agencies that meet the definition of a “covered entity” or “business associate” under HIPAA must comply with its requirements.
Continue Reading Are You a “Hybrid Entity” under the Health Insurance Portability and Accountability Act of 1996? The $4,348,000 Question