November 24, 2015

November 24, 2015

November 23, 2015

HHS Releases HIPAA and HITECH ACT Mega-Rule

On January 17, 2013 the Department of Health and Human Services released an omnibus rule making changes to the Health Insurance Portability and Accountability Act (“HIPAA”) regulations related to privacy and security.  The new final rule expands requirements beyond covered entities (health care providers, health plans, and entities that process health insurance claims) to business associates of covered entities in order to provide additional protections.  These changes represent some of the most significant changes to the rule since it was first implemented fifteen years ago.

This mega rule also seeks to finalize privacy and security regulations related to the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) as well as implement certain provisions of the Genetic Information Nondiscrimination Act of 2008 (“GINA”).

The final rule is effective on March 26, 2013; covered entities and business associates must comply with the rules by September 23, 2013.  A copy of the rule can be found here.

©2015 Drinker Biddle & Reath LLP. All Rights Reserved


About this Author

The Lobbying & Advocacy team is composed of lawyers and government relations professionals who have extensive experience advancing client interests before the legislative and executive branches of government at the federal, state and municipal levels. We use this experience to assist health care providers, academic medical centers, e-health and telemedicine networks, membership trade organizations, health professional societies, patient advocacy associations and other entities advance their public policy and advocacy agendas.

Our bipartisan...

(202) 230-5126