On January 17th, 2013, new rules were issued by the U.S. Department of Health and Human Services (HHS) that modify various HIPAA rules. The changes are primarily designed to engage privacy protections for patients and to strengthen the ability of the government to enforce the law. Here is an overview of some of the key changes to the HIPAA rules:
- Making Business Associates Liable: The new rules make business associates of covered entities directly liable for compliance with HIPAA Privacy and Security Rules requirements
- Marketing-Related Changes: Limitations on the use and disclosure of protected health information for marketing purposes has been strengthened. Also, individual authorization is required before protected health information can be sold.
- Expanded Rights for Individuals: The rights of individuals to receive electronic copies of health information have been expanded. Also, the individuals’ rights to restrict disclosure to health plans concerning information regarding treatments that were paid out of pocket have been expanded.
Download Our Legislative Brief for More Information
These are just a few of the key rule changes that have been declared. For a more detailed recap of the rule changes and the compliance dates, fill out the form below to download our Legislative Brief on this subject: