The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...02 May 2016
OCR Releases Proposed HITECH Privacy Rule -- Biggest Change to Health Privacy Law Since HIPAA
This morning the Office of Civil Rights (OCR) issued a notice of proposed rulemaking to modify the HIPAA Privacy, Security, and Enforcement Rules. The proposed modifications would extend parts of the HIPAA Privacy Rule and virtually all of the Security Rule to the business associates of HIPAA covered entities, impose new limits on the use and disclosure of protected health information for marketing, prohibit the sale of protected health information without patient consent, expand individuals’ rights to access their information and permit patients to restrict the disclosure of certain information to health plans. In addition, the proposed rule will strengthen and expand HIPAA’s enforcement provisions. Comments will be accepted on the new rule for 60 days following publication in the Federal Register, which is currently scheduled for July 14, 2010. Hogan Lovells attorneys are reviewing the proposed rule and will post highlights shortly.