On May 18, 2023 the Federal Trade Commission (FTC) released a Notice for Proposed Rule Making (NPRM) for updates to the Health Breach Notification Rule, 16 C.F.R. Part 318 (the Rule). The Rule serves to ensure entities that are not defined as Covered Entities under the Health Insurance Portability and Accountability Act (HIPAA) are nevertheless accountable when the sensitive health information of consumers is compromised and that entities cannot conceal breaches from consumers. The Rule imposes notification requirements for a breach of unsecured identifiable health ...
When Covered Entities or Business Associates or their counsel analyze whether a particular disclosure of Protected Health Information (or PHI, as defined in HIPAA) is permissible, they should be sure also to analyze whether the disclosure complies with HIPAA’s Minimum Necessary Rule (MNR), which is oft forgot. This issue arises when disclosing PHI in response to subpoenas, which HIPAA permits as long as the disclosing party receives satisfactory assurances that the requesting party has made reasonable efforts to obtain a protective order or to notify the individual(s) who ...
Our Health Law Ticker is a one-stop resource for everything new and noteworthy in healthcare law. We cover recent developments in healthcare legislation, healthcare reform, Medicare/Medicaid, managed care, litigation, regulatory compliance, HIPAA, privacy, peer review, medical staffs and general business operations for healthcare companies and licensed healthcare professionals.
Stay Connected
RSS Feed