DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

HHS proposes new privacy, security rules

Posted on July 9, 2010 by Dissent

Diana Manos reports:

Department of Health and Human Services Secretary Kathleen Sebelius announced Thursday new proposed privacy and security rules and resources…. The proposed rules come as part of the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, to ensure broader individual rights and stronger protections when third parties handle individually identifiable health information, Sebelius said.

[…]

According to Sebelius, the proposed rules would strengthen and expand enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Enforcement Rules by:

  • expanding individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans;
  • requiring business associates of HIPAA-covered entities to be under most of the same rules as the covered entities;
  • setting new limitations on the use and disclosure of protected health information for marketing and fundraising; and
  • prohibiting the sale of protected health information without patient authorization.

Read more on Healthcare IT News. HHS’s statement is here.

Strengthening the rules is a worthy effort, but as always, the devil is in the details. The notice of proposed rule making can be found here and public comment period will start July 14 after publication in the Federal Register.

So far, I don’t see any indication that they will undo the harm assessment provision that so many of us complained about as being contradictory to Congress’s language and intention. That is such a glaring problem and it demands remedy.

Related Posts:

  • CDT breaks down proposed changes to HIPAA
  • Pointer: FAQ on the Proposed Modifications to the…
  • E-Health Privacy Regulations Draw Congressional Fire
  • At long last, HHS unveils Modifications to the HIPAA…
  • Civil rights office unveils genetic privacy proposals

Post navigation

← Cisco warns attendees that the Cisco Live database was hacked
WI: Village of Big Bend Employees Have Payroll Info Stolen →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach
  • Russian hackers exploiting Outlook bug to hijack Exchange accounts
  • Britain dismisses report claiming Sellafield nuclear site hacking, says no malware exists on our system
  • 23andMe data breach: Hackers accessed data of 6.9 million users
  • AlphV claims they have started contacting some of Tipalti’s clients (1)
  • Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
  • What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net