HIPAA Final Rule: Prohibited Uses and Disclosures of Genetic Information for Underwriting Purposes

March 6, 2013.  Today, we continue going through the HIPAA Privacy Rule, section by section, as modified in the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. Our focus today is on the first of two prohibited uses and disclosures of protected health information in the…

READ MORE

HIPAA Final Rule: Modified Privacy Rule Definition–Payment

February 27, 2013.  Today, we start to examine definitions pertaining to the HIPAA Privacy Rule, and begin with payment, as modified in the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. Here is the discussion in the Final Rule related to the proposed modification to the…

READ MORE

HIPAA Final Rule: Genetic Information Nondiscrimination Act: Underwriting Prohibitions

February 18, 2013.  Today, we examine underwriting prohibitions as they relate to modifications of the HIPAA Privacy Rule required under the Genetic Information Nondiscrimination Act (GINA). These modifications are in the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. The Final Rule states:  “The final rule…

READ MORE

HIPAA Final Rule: Genetic Information Nondiscrimination Act (GINA) Definitions

February 15, 2013.  Today, we present several new definitions relating to the Genetic Information Nondiscrimination Act (GINA), which addressed the application of the HIPAA Privacy Rule to genetic information.  The definitions are in the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. The Final Rule states: …

READ MORE

HIPAA Final Rule: Modification of Business Associate Definition, Part (6)–Exceptions

February 14, 2013.  Today, we finish examining the business associate definition, focusing on exceptions, as modified by the Final Rule:  Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act [HITECH Act] and the Genetic Information Nondiscrimination Act; Other Modifications of the HIPAA Rules, which was published in the Federal Register on January 25, 2013.  The effective date of the Final Rule is March 26, 2013, and covered entities and business associates must comply by September 23, 2013. Paragraph (4) of the modified definition outlines 4 exceptions (45 CFR 160.103, Definitions, as shown at 78 Federal Register 5688):…

READ MORE

Direct Data Entry-No Change in the 5010 Final Rule

In the August 17, 2000 Final Rule for Standards for Electronic Transactions, direct data entry was defined as “direct entry of data (for example, using dumb terminals or web browsers) that is immediately transmitted into a health plan’s computer.” [65 Federal Register 50367] An exception for direct data entry was articulated in the August 17, 2000, Final Rule: A health care provider electing to use direct data entry offered by a health plan to conduct a transaction for which a standard has been adopted under this part must use the applicable data content and data condition requirements of the standard when conducting the transaction. The health care provider is not…

READ MORE