(Thanks to Ellen Wright Clayton for the pointer)
Recently, Senators Leahy and Kennedy introduced the Health Information Privacy and Security Act to the Senate.
Title I of the bill, "Individual Rights," guarantees an individual's right to supplement, amend, correct, or destroy any of their protected health information maintained or stored by an entity. It also would require entities maintaining, accessing, using, or storing protected health information to provide the individual with a notice of privacy rights and practices, and notify individuals when data corruption or loss of health information is discovered.
Title II of the bill, "Restrictions on Use and Disclosure," includes requirements on groups seeking to disclose protected health information to obtain a signed, written authorization from an individual in connection with any treatment, payment, or other purpose.
Also, individuals must be provided with notification in the case of an actual or attempted security breach if there is at least a "reasonable belief" that protected health information concerning the patient was accessed or acquired during the breach.
A summary of the bill is here.
No comments:
Post a Comment