GovInfoSecurity
Compliance
Compliance
HealthInfoSec) • March 9, 2021 18 Minutes Twitter
Zachary Perry and Rita Bowen of the Association of Health Information Outsourcing Services
Proposed changes to the HIPAA Privacy Rule could weaken patient data privacy protections, say Rita Bowen and Zachary Perry of the Association of Health Information Outsourcing Services.
A notice of proposed rulemaking from the Department of Health and Human Services was published in the Federal Register in January (see:
HHS Reveals Proposed Changes to HIPAA Privacy Rule). On Tuesday, HHS Office for Civil Rights announced an extension of the deadline for the public to submit comments on the proposed changes to May 6. The changes will be finalized once comments have been reviewed.
Rita Bowen, vice president of privacy, compliance and health information management policy, MRO Corp.
As federal regulators intensify their focus on compliance with requirements to provide patients with access to their health information, healthcare organizations need to sort through a variety of emerging challenges, says health information management and privacy expert Rita Bowen.
The Department of Health and Human Services Office for Civil Rights has issued more than a dozen HIPAA settlements - ranging from $3,500 to $160,000 - in cases involving covered entities failing to provide timely access to a patient s requested health information.
Under HIPAA, covered entities must within 30 days fulfill patients requests for copies of their health information in the format of their choice. But under a proposal issued by HHS OCR this month to modify the HIPAA Privacy Rule, that compliance timeframe could potentially be reduced to 15 days (see: