HHS readies health security standards

The Department of Health and Human Services expects to issue final security

standards early next year to protect health care records that are stored

or transmitted electronically.

HHS issued a draft version of the electronic security regulations in August

1998. The regulations would require all health plans, health care providers

and clearinghouses that maintain or transmit medical information electronically

to establish appropriate safeguards to ensure that data cannot be lost,

improperly accessed or altered.

On Wednesday, HHS issued the first national standards designed to protect

the privacy of personal medical records whether they are stored electronically

or on paper. The regulations put standards in place to protect medical information

maintained by health care providers, hospitals, health plans and insurers,

and health care clearinghouses.

The privacy requirements include:

* Providers and health plans must give patients a clear written explanation

of how the plan can use, keep and disclose their health information.

* Patients must be able to see and get copies of their records and request

amendments.

* Health care providers who see patients must obtain patient consent before

sharing their information for treatment, payment and health care operations

purposes.

The privacy and security standards are part of the Health Insurance Portability

and Accountability Act of 1996.

President Clinton said Wednesday that because medical records are increasingly

stored electronically, they are easy to abuse. The new privacy rules will

"make medical records easier to see for those who should see them, and much

harder to see for those who shouldn't," he said.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.