The Center for Democracy and Technology (CDT) submitted comments to a notice of proposed rulemaking (NPRM) from the U.S. Dept. of Health and Human Services (HHS) making significant changes to how sensitive patient information is handled under the Health Insurance Portability and Accountability Act (HIPAA). Much of the NPRM implements requirements passed by…
The U.S. Department of Health and Human Services (HHS) proposed a set of significant updates to health privacy rules. The proposed rule tackles how sensitive patient information is handled under the Health Insurance Portability and Accountability Act (HIPAA), which is the nation’s foremost health privacy law. The rule is open for public comment until September 13th, and CDT intends…
1) CDT Files Two Sets of Comments to the FCC about the Importance of Privacy in the Context of the National Broadband Plan
2) The National Broadband Plan should release an updated version of FIPs to guide privacy practices by the federal government and industry.
3) The National Broadband Plan should recommend enactment of a federal baseline consumer privacy law.
These Myths and Facts documents answer common myths about HIPAA and health privacy. These facts correct long-standing myths about the right to privacy, patient consent and rights, enforcement of HIPAA provisions, Internet- based health services, the interaction between HIPAA and state laws, information disclosures, marketing, and de-identified data.
Personal health records (PHRs) – records that are managed, controlled, and shared by individuals rather than their healthcare providers-hold the potential to transform healthcare by empowering consumers and patients to become key, informed decision-makers in their own care. These records increase individual control over personal data and permit individuals to record, store, and share relevant health information, including data…
The economic stimulus bill signed by President Obama on February 17 included provisions making significant improvements in federal health privacy law. The changes are complicated and incremental. They build on existing privacy and security rules issued under the Health Insurance Portability and Accountability Act (HIPAA). The new protections do not constitute the comprehensive framework that CDT has recommended, but…