• LinkedIn
  • YouTube
  • Twitter
  • Facebook
  • Google+

Feds propose new HIPAA privacy rules

by on
in Employee Benefits Program,Employment Law,HR Management,Human Resources

The U.S. Department of Health and Human Services has announced new rules increasing the privacy of Americans’ health information by proposing to strengthen the confidentiality and security measures of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

The proposed rules, released July 8, 2010, would:

  • Expand individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans
  • Require business associates of HIPAA-covered entities to be under most of the same rules as the covered entities
  • Set new limitations on the use and disclosure of protected health information for marketing and fundraising
  • Prohibit the sale of protected health information without patient authorization.

Although the new rules will mainly affect how health care providers and insurance companies conduct their business, HR professionals can expect to get questions from employees concerned about the privacy of the information insurance carriers may have access to.

Some definitions of HIPAA terms:

  • Covered entities — health care providers and institutions (such as clinics and hospitals), as well as health insurance companies.
  • Business associates — third-party administrators of health and pharmacy benefits, claims processors, billing companies, medical transcribers and others who deal with covered entities.


What it means for HR: For the most part, it will be up to your insurance carrier to ensure that its business associates comply with the proposed rules. However, as part of your due diligence, you should make sure your carrier has plans in place to monitor and enforce business associate compliance.


Technically, the proposed rules add enforcement muscle and privacy guidance to the Health Information Technology for Economic and Clinical Health Act (HITECH), part of the American Recovery and Reinvestment Act stimulus law. HITECH was designed to encourage better health care delivery by collecting data on which clinical practices produce the best health outcomes.

The new HHS HIPAA rules address privacy concerns voiced by many opponents of the stimulus law and the health care reform law that went into effect earlier this year.

Following a 60-day comment period, the proposed rules will take effect in September.

Like what you've read? ...Republish it and share great business tips!

Attention: Readers, Publishers, Editors, Bloggers, Media, Webmasters and more...

We believe great content should be read and passed around. After all, knowledge IS power. And good business can become great with the right information at their fingertips. If you'd like to share any of the insightful articles on BusinessManagementDaily.com, you may republish or syndicate it without charge.

The only thing we ask is that you keep the article exactly as it was written and formatted. You also need to include an attribution statement and link to the article.

" This information is proudly provided by Business Management Daily.com: http://www.businessmanagementdaily.com/12124/feds-propose-new-hipaa-privacy-rules "

Leave a Comment