a typical insurance card includes some identifying personal information

New Rule Mandates Disclosure if Health Data Lost

Health care providers, health plans, and others covered by the Health Insurance Portability and Accountability Act soon must notify individuals whose health information was breached, under today's HHS rule.

Health care providers, health plans, and other entities covered by the Health Insurance Portability and Accountability Act must notify individuals when their health information is breached, under a rule issued Aug. 20 by the U.S. Department of Health and Human Services and set to take effect in 30 days. The regulations, developed by the HHS Office for Civil Rights, say prompt notification must be made to the individuals, and it must be made to the HHS secretary and the media if more than 500 individuals are affected. Breaches affecting fewer than 500 individuals will be reported annually to the secretary.

The rule implements provisions of the Health Information Technology for Economic and Clinical Health Act, which was passed as part of the American Recovery and Reinvestment Act of 2009.

"This new federal law ensures that covered entities and business associates are accountable to the department and to individuals for proper safeguarding of the private information entrusted to their care. These protections will be a cornerstone of maintaining consumer trust as we move forward with meaningful use of electronic health records and electronic exchange of health information," said Robinsue Frohboese, acting director and principal deputy director of the Office for Civil Rights. In the same document as the regulations, HHS updated its guidance spelling out encryption and destruction as the technologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals; using these properly relieves entities of having to notify if there is a breach of such information. HHS said it will update the guidance annually.

Download Center

  • EHS Buyer's Guide

    Download this buyer's guide to make more informed decisions as you're looking for an EHS management software system for your organization.

  • Online Safety Training Buyer's Guide

    Use this handy buyer's guide to learn the basics of selecting online safety training and how to use it at your workplace.

  • COVID Return-to-Work Checklist, Fall 2021

    Use this checklist as an aid to help your organization return to work during the COVID-19 pandemic in a safe and healthy manner.

  • SDS Buyer's Guide

    Learn to make informed decisions while searching for SDS Management Software.

  • Risk Matrix Guide

    Risk matrices come in many different shapes and sizes. Understanding the components of a risk matrix will allow you and your organization to manage risk effectively.

  • Industry Safe

Featured Whitepapers

OH&S Digital Edition

  • OHS Magazine Digital Edition - September 2021

    September 2021


      Managing Combustible Dust and Risk Mitigation
      The Rising Popularity of Safety Helmets on the Jobsite
      Five Tips for a Successful Wear Trial
      Medical Surveillance Versus Medical Screening
    View This Issue