Yesterday, the U.S. Department of Health and Human Services (HHS) released the long-awaited final rules implementing changes to the HIPAA privacy and security rules enacted in 2009 by the HITECH Act.
The rules provide greater protections to patients and strengthen the government’s ability to enforce the law. Among the changes are expanded requirements for business associates, clarification of what breaches must be reported to HHS, and new limits on how information can be used and disclosed for marketing and fundraising purposes.
We will post a detailed summary of the rule in the coming days. Read the final rules.
Health Law, HIPAA, HITECH Act