HHS attempts to strengthen HIPAA privacy rules with new NPRM

Jeff Byers | | Health Imaging | Artificial Intelligence
“Today, we begin to make real the phrase ‘private and secure’ as operative characteristics of that ambitious project of improving health information in the U.S.,” said David Blumenthal, MD, the national coordinator for health IT during a Thursday press conference concerning the notice of proposed rulemaking published by the Department of Health and Human Services (HHS) in the July 8 edition of the Federal Register to strengthen HIPAA privacy and security rules.

HHS Secretary Kathleen Sebelius addressed the new rules and resources to strengthen the privacy of health information and to help Americans understand their rights and the resources available to safeguard their personal health data.

Led by the Office of the National Coordinator for Health IT and the HHS Office for Civil Rights, HHS is working with public and private partners to ensure that, as health IT is expanded to drive improvements in the quality and effectiveness of the nation’s healthcare system, Americans can trust that their health information is protected and secure, according to the department.

The proposed rule, currently available for public comment, would strengthen and expand HIPAA privacy, security and enforcement rules by:
  • Expanding individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans;
  • Requiring business associates of HIPAA-covered entities to be under most of the same rules as the covered entities;
  • Setting new limitations on the use and disclosure of protected health information for marketing and fundraising; and
  • Prohibiting the sale of protected health information without patient authorization.

“To improve the health of individuals and communities, health information must be available to those making critical decisions, including individuals and their caregivers,” said Sebelius. “While health IT will help America move its healthcare system forward, the privacy and security of personal health data is at the core of all our work.”

The department also unveiled a privacy website to help visitors access information about ongoing HHS privacy efforts and the policies supporting them.

HHS is also looking more closely at entities that are not covered by HIPAA rules to understand better how they handle personal health information and to determine whether additional privacy and security protections are needed for these entities.

To view the proposed rule, click here.

Jeff Byers

Related Content

Experts highlight 'significant concerns' with fluctuating accuracy of popular large language models
FDA clears AI screening tool for cardiac amyloidosis
Are providers too trusting of AI's advice?
Pairing an alert system with CAD software halves time-to-treatment for pneumothorax
Deep learning reconstruction cuts radiation and contrast dose by half in aortic CTA exams
New study highlights the need to include more challenging datasets in AI training

Around the web

Cardiovascular Business
Positron partners with Upbeat Cardiology Solutions to improve cardiac PET/CT access

Positron, a New York-based nuclear imaging company, will now provide Upbeat Cardiology Solutions with advanced PET/CT systems and services. 

Cardiovascular Business
Global shortage of nuclear imaging isotopes may be over

The nuclear imaging isotope shortage of molybdenum-99 may be over now that the sidelined reactor is restarting. ASNC's president says PET and new SPECT technologies helped cardiac imaging labs better weather the storm.

Cardiovascular Business
‘A huge win’: CMS significantly increases Medicare payments for cardiac CT

CMS has more than doubled the CCTA payment rate from $175 to $357.13. The move, expected to have a significant impact on the utilization of cardiac CT, received immediate praise from imaging specialists.