Information Security News mailing list archives
HHS readies health security standards
From: InfoSec News <isn () C4I ORG>
Date: Fri, 22 Dec 2000 20:53:23 -0600
http://www.fcw.com/fcw/articles/2000/1218/web-hhs-12-22-00.asp BY Colleen OHara 12/22/2000 The Department of Health and Human Services expects to issue final security standards early next year to protect health care records that are stored or transmitted electronically. HHS issued a draft version of the electronic security regulations in August 1998. The regulations would require all health plans, health care providers and clearinghouses that maintain or transmit medical information electronically to establish appropriate safeguards to ensure that data cannot be lost, improperly accessed or altered. On Wednesday, HHS issued the first national standards designed to protect the privacy of personal medical records whether they are stored electronically or on paper. The regulations put standards in place to protect medical information maintained by health care providers, hospitals, health plans and insurers, and health care clearinghouses. The privacy requirements include: * Providers and health plans must give patients a clear written explanation of how the plan can use, keep and disclose their health information. * Patients must be able to see and get copies of their records and request amendments. * Health care providers who see patients must obtain patient consent before sharing their information for treatment, payment and health care operations purposes. The privacy and security standards are part of the Health Insurance Portability and Accountability Act of 1996. President Clinton said Wednesday that because medical records are increasingly stored electronically, they are easy to abuse. The new privacy rules will "make medical records easier to see for those who should see them, and much harder to see for those who shouldnt," he said. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- HHS readies health security standards InfoSec News (Dec 26)