Upcoming HHS/OCR Breach Notification Requirements

Law360, New York (August 28, 2009, 3:47 PM EDT) -- The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued an interim final rule related to the Health Information Technology for Economic and Clinical Health Act (HITECH) requiring covered entities under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and their business associates to provide notification to individuals of breaches of unsecured protected health information (“PHI”) to unauthorized individuals.

The rule requires HIPAA covered entities and their business associates that “access, maintain, retain, modify, record, store, destroy or otherwise...
To view the full article, register now.