HHS offers guidance on protecting health information – Modern Healthcare

HHS issued guidance on protecting personally identifiable healthcare information by encrypting or destroying it so that it is rendered “unusable, unreadable or indecipherable to unauthorized individuals.” The 20-page document was the work of a joint effort by HHS, its Office of the National Coordinator for Health Information Technology and Office for Civil Rights, and the CMS.

The guidance was required by the stimulus package and is linked to a pair of breach-notification regulations required under the legislation. One is to be issued by HHS, and the other by the Federal Trade Commission. Previously, the FTC issued an interim rule and a request for comments covering breach notification by personal health-record vendors and other entities not covered by the privacy and security provisions of the Health Insurance Portability and Accountability Act of 1996.

HHS also requests public comments on the proposed rulemaking due by May 21

via HHS offers guidance on protecting health information – Modern Healthcare.

Related posts

• New health-care privacy laws heighten need for HIPAA compliance in California (0)
• New FTC Rules Governing Health Providers Go Into Effect Nov. 1 – Security Blog – InformationWeek (0)
• Law requires health data breach notifications — Federal Computer Week (0)
• Identity Theft – PCI Chiefs Defend Standards, Plans – eWeek Security Watch (1)
• How to Maximize Your IT Security Budget (0)

---

Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically each day to your feed reader. If you don't have a feed reader, you can always have these articles delivered to your email inbox every day. Click here to sign up.