New Health Privacy Regulations Spark DebateInformation Week reports that the Department of Health and Human Services has issued a rule to "beef up penalties for violations of the Health Insurance Portability and Accounting Act (HIPAA)." But the rule has generated complaints from a bipartisan group of congressmen, who argue it leaves loopholes and doesn't properly determine when privacy has been breached. "The new rules significantly increase penalty amounts that the U.S. Department of Health and Human Services can impose for HIPAA violations of patient privacy, according to a statement from HHS. The new rules reflect requirements enacted in the Health Information Technology for Economic and Clinical Health (HITECH) sections of the American Recovery and Reinvestment Act (ARRA) of 2009. ... The HITECH act increases civil financial penalties by establishing tiered ranges of increasing minimum penalties, with a maximum $1.5 million for all violations of identical provisions" (Wagner, 11/2).
This is part of the KHN Morning Briefing, a summary of health policy coverage from major news organizations. Sign up for an email subscription.