a typical insurance card includes some identifying personal information

New Rule Mandates Disclosure if Health Data Lost

Health care providers, health plans, and others covered by the Health Insurance Portability and Accountability Act soon must notify individuals whose health information was breached, under today's HHS rule.

Health care providers, health plans, and other entities covered by the Health Insurance Portability and Accountability Act must notify individuals when their health information is breached, under a rule issued Aug. 20 by the U.S. Department of Health and Human Services and set to take effect in 30 days. The regulations, developed by the HHS Office for Civil Rights, say prompt notification must be made to the individuals, and it must be made to the HHS secretary and the media if more than 500 individuals are affected. Breaches affecting fewer than 500 individuals will be reported annually to the secretary.

The rule implements provisions of the Health Information Technology for Economic and Clinical Health Act, which was passed as part of the American Recovery and Reinvestment Act of 2009.

"This new federal law ensures that covered entities and business associates are accountable to the department and to individuals for proper safeguarding of the private information entrusted to their care. These protections will be a cornerstone of maintaining consumer trust as we move forward with meaningful use of electronic health records and electronic exchange of health information," said Robinsue Frohboese, acting director and principal deputy director of the Office for Civil Rights. In the same document as the regulations, HHS updated its guidance spelling out encryption and destruction as the technologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals; using these properly relieves entities of having to notify if there is a breach of such information. HHS said it will update the guidance annually.

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • Comply with OSHA’s Electronic Recordkeeping Requirements

    Collect relevant incident data and generate accurate OSHA 300, 300A, and 301 regulatory reports, including 300A CSV files for easy electronic submission to OSHA.

  • Complete Online Safety Training Courses

    Deliver state-of-the art, online safety training courses to your organization with IndustrySafe Training Management Software. Generate reports to track training compliance and automatically notify learners of upcoming or overdue classes.

  • Easy to Use Safety Inspection App

    Conduct inspections on the go with IndustrySafe’s mobile app. Complete safety audits at job sites and remote locations—with or without web access.

  • Track Key Safety Performance Indicators

    IndustrySafe’s Dashboard Module allows organizations to easily track safety KPIs and metrics. Gain increased visibility into your business’ operations and safety data.

  • Industry Safe
comments powered by Disqus
Live From Safety