Health and Human Services Secretary Donna E. Shalala released the nation's first standards for protecting the privacy of Americans' personal health records.
Health and Human Services Secretary Donna E. Shalala released the nation's first standards for protecting the privacy of Americans' personal health records.
This new regulation will protect medical records and other personal health information maintained by healthcare providers, hospitals, health plans and health insurers, and healthcare clearinghouses.
"For the first time, all Americans - no matter where they live, no matter where they get their healthcare - will have protections for their most private personal information, their health records," Secretary Shalala said.
The new standards limit the non-consensual use and release of private health information, give patients new rights to access their medical records and to know who else has accessed them, restrict most disclosure of health information to the minimum needed for the intended purpose, establish new criminal and civil sanctions for improper use or disclosure, and establish new requirements for access to records by researchers and others.
The earlier proposal applied to electronic records and to any paper records that had at some point existed in electronic form. The final regulation provides protection for paper, oral and electronic information, creating a privacy system that covers all personal health information created or held by covered entities.
The final rule also requires that most providers get their patients' consent for routine use and disclosure of health records, in addition to requiring their authorization for non-routine disclosures. The earlier version proposed allowing routine disclosures without advance consent â disclosures for purposes of treatment, payment and healthcare operations (such as internal data gathering by a provider or healthcare plan). But most of those commenting on this provision, including many physicians, believed consent should be obtained in advance even for these routine purposes.
Other changes from the proposed rule include:
•Â Allowing disclosure of full medical records to providers for purposes of treatment. The final rule gives providers full discretion in determining what personal health information to include when sending patients' medical records to other providers for treatment purposes.
•Â Protecting against unauthorized use of medical records for employment purposes. Companies that sponsor health plans will not be able to access personal health information from the sponsored plan for employment-related purposes without authorization from the patient.
The new regulation is designed to enhance the protections afforded by many existing state laws. In circumstances where the federal rules and state laws are in conflict, the stronger privacy protection will prevail. The standards apply to all consumers, whether they are privately insured, uninsured or participating in public programs such as Medicare or Medicaid. Most covered entities will have two years to come into compliance.
While the new regulation significantly strengthens protections for patients' confidentiality, Secretary Shalala said Congress still needs to act in areas not covered by existing federal law. Under current law, the final regulation does not directly cover many entities, including life insurers and worker's compensation programs - thus allowing unlimited use and reuse of information by such entities. Federal legislation is also needed to fortify the penalties and to create a private right of action so that citizens can hold health plans and providers directly accountable for inappropriate and harmful disclosures of information. PR
The Transformative Role of Medical Information in Customer Engagement
October 3rd 2024Stacey Fung, Head of Global Medical Information at Gilead Lifesciences, delves into the evolving role of Medical Information (MI) in the pharmaceutical industry. Covering key topics like patient engagement through omnichannel strategies, combating misinformation, and leveraging AI to enhance medical inquiries, the conversation with Stacey highlights MI's critical role in ensuring patient safety and supporting drug development. She also shares her professional journey and tidbits for early career professionals on professional development.
Seeking Sustainable Solutions: Can Passion and Profit Coexist in Pharma ESG Efforts?
October 15th 2024Industry leaders gather to discuss different ways life sciences organizations can champion their environmentally-conscious younger employees while combatting still-entrenched public mistrust.
Unlocking value and cost savings in patient services with technology and talent
October 2nd 2024Traci Miller, Director, Sonexus™ Access and Patient Support, Cardinal Health, discusses the current digital trends in the patient services industry and how the optimal balance of technology and talent can transform manufacturer-sponsored patient support programs. Hear how Cardinal Health combines best-in-class program and pharmacy operations with smart digital tools to ensure product and patient success and reduce operational costs.