Hostname: page-component-848d4c4894-xm8r8 Total loading time: 0 Render date: 2024-06-26T08:47:16.280Z Has data issue: false hasContentIssue false
  • English
  • Français

HIPAA Privacy Rule 2.0

Currents in Contemporary Bioethics

Published online by Cambridge University Press:  01 January 2021

Mark A. Rothstein
Get access Rights & Permissions [Opens in a new window]

Extract

On January 25, 2013, the Federal Register published the Department of Health and Human Services (HHS) omnibus amendments to the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, Enforcement, and Breach Notification Rules. These modifications also include the final versions of the HIPAA regulation amendments mandated by the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and the Genetic Information Nondiscrimination Act (GINA). Although the amended rules were effective on March 26, 2013, covered entities and their business associates (which now have direct liability for violations of the regulations) have a compliance date of September 23, 2013.

It has been 10 years since the April 14, 2003 compliance date for the original HIPAA Privacy Rule. Despite HHS’ clarification of some issues by posting answers to frequently asked questions (FAQs), there have been no significant amendments to the Privacy Rule since 2003.

Type
JLME Column
Information
Journal of Law, Medicine & Ethics , Volume 41 , Issue 2 , Summer 2013 , pp. 525 - 528
Copyright
Copyright © American Society of Law, Medicine and Ethics 2013

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

78 Fed. Reg. 5566–5702 (Jan. 25, 2013), amending 45 C.F.R. Parts 160, 164.Google Scholar
Pub. L. No. 111–5, 123 Stat. 226 (2009), codified at 42 U.S.C. §§ 300jj et seq.; §§ 17901 et seq.Google Scholar
Pub. L. No. 110–233, 122 Stat. 881 (2008).Google Scholar
78 Fed. Reg. at 5567 (2013).Google Scholar
45 C.F.R. § 164.534 (2002).Google Scholar
See Department of Health and Human Services, Office for Civil Rights, “HIPAA – Frequently Asked Questions,” available at <www.hhs.gov/ocr/privacy/hipaa/faq/index.html> (last visited May 7, 2013).+(last+visited+May+7,+2013).>Google Scholar
45 C.F.R. § 164.502(a)(5)(ii).Google Scholar
Id.Google Scholar
45 C.F.R. § 164.508(b)(4)(i).Google Scholar
45 C.F.R. Part 46, Subpart A.Google Scholar
45 C.F.R. § 46.116.Google Scholar
45 C.F.R. § 164.508(b)(3).Google Scholar
Rothstein, M. A., “Research Privacy under HIPAA and the Common Rule,” Journal of Law, Medicine & Ethics 33, no. 1 (2005): 154159.CrossRefGoogle Scholar
78 Fed. Reg. at 5613 (2013).Google Scholar
Rothstein, M. A., “Expanding the Ethical Analysis of Biobanks,” Journal of Law, Medicine & Ethics 33, no. 1 (2005): 89101, at 94.CrossRefGoogle Scholar
45 C.F.R. § 164.502(f) (2003). It should be noted that only living individuals may be research subjects under the Common Rule and therefore there is no prohibition on the use of the records for research.Google Scholar
45 C.F.R. § 164.502(f) (2013).Google Scholar
78 Fed. Reg. at 5614.Google Scholar
National Committee on Vital and Health Statistics, Minutes of the Meeting of the Subcommittee on Privacy and Confidentiality, January 11, 2005, at 24, available at <http://www.ncvhs.hhs.gov/050111.htm> (last visited January 25, 2013).+(last+visited+January+25,+2013).>Google Scholar
American Medical Association, Code of Medical Ethics § 5.051, Confidentiality of Medical Information Postmortem, 2011–2012 ed. (Chicago: American Medical Association).Google Scholar
GINA § 105.Google Scholar
See, e.g., Bekris, L. Yu, C. Bird, T. D. Tsuang, D. W., “Genetics of Alzheimer Disease,” Journal of Geriatric Psychiatry and Neurology 23, no. 4 (2010): 213227; Bettens, K. Sleegers, K. Van Broeckhoven, C., “Genetic Insights into Alzheimer's Disease,” The Lancet Neurology 12, no. 1 (2013): 92–104.CrossRefGoogle Scholar
45 C.F.R. § 164.502(a).Google Scholar
See Rothstein, M. A., “Predictive Genetic Testing for Alzheimer's Disease in Long-Term Care Insurance,” Georgia Law Review 35, no. 2 (2001): 707733.Google Scholar
GINA § 102(a)(4).Google Scholar
78 Fed. Reg. at 5663.Google Scholar
See Rothstein, M. A., “GINA, the ADA, and Genetic Discrimination in Employment,” Journal of Law, Medicine & Ethics 36, no. 4 (2008): 837840.CrossRefGoogle Scholar
78 Fed. Reg. at 5668.Google Scholar
Id.Google Scholar
American Medical Association, Code of Medical Ethics § 2.131 Disclosure of Familial Risk in Genetic Testing, 20112012 ed., Chicago.Google Scholar
American Society of Human Genetics, “Professional Disclosure of Familial Genetic Information,” American Journal of Human Genetics 62, no. 2 (1998): 474483.CrossRefGoogle Scholar