U.S. Department of Health and Human Services Announces Proposed Changes to HIPAA Privacy Rule: People who believe a covered entity has violated their (or someone else’s) health information privacy rights or committed another violation of the HIPAA Privacy or Security Rule, may provide comments on proposed changes

The U.S. Department of Health and Human Services issued the following announcement of proposed regulation changes that would would give people the right to get a report on who has electronically accessed their protected health information.  Below, find information about how to make sure your comments are submitted through the Federal Register.  Below that is information on how to file a HIPAA complaint.


HHS announces proposed changes to HIPAA Privacy Rule

HITECH lets people know who has accessed their health information

A Notice of Proposed Rulemaking concerning the accounting of disclosures requirement under the Health Insurance Portability and Accountability (HIPAA) Act Privacy Rule, is available for public comment. The proposed rule would give people the right to get a report on who has electronically accessed their protected health information.

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) is proposing changes to Privacy Rule, pursuant to the Health Information Technology for Economic and Clinical Health (HITECH) Act. HITECH is part of the American Recovery and Reinvestment Act of 2009.

“This proposed rule represents an important step in our continued efforts to promote accountability across the health care system, ensuring that providers properly safeguard private health information,” said OCR Director Georgina Verdugo. “We need to protect peoples’ rights so that they know how their health information has been used or disclosed.”

People would obtain this information by requesting an access report, which would document the particular persons who electronically accessed and viewed their protected health information. Although covered entities are currently required by the HIPAA Security Rule to track access to electronic protected health information, they are not required to share this information with people.

The proposed rule requires an accounting of more detailed information for certain disclosures that are most likely to affect a person’s rights or interests. The proposed changes to the accounting requirements provide information of value to individuals while placing a reasonable burden on covered entities and business associates.

People may now read the proposed rule at:
http://www.federalregister.gov/ and submit comments to http://www.regulations.gov/ (search for Proposed Rule) through August 1, 2011.

 http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html.
__________________________________


People who believe a covered entity has violated their (or someone else’s) health information privacy rights or committed another violation of the HIPAA Privacy or Security Rule, may file a complaint with OCR at

How To File a HIPAA Complaint

If you believe that a covered entity violated your (or someone else’s) health information privacy rights or committed another violation of the Privacy or Security Rule, you may file a complaint with OCR. OCR can investigate complaints against covered entities.


COVERED ENTITIES - A covered entity is a health plan, health care clearinghouse, and any health care provider that conducts certain health care transactions electronically. For more information, please review our Understanding Health Information Privacy section or look at our responses to Frequently Asked Questions (FAQs) on our web site.

COMPLAINT REQUIREMENTS - Your complaint must:
Be filed in writing, either on paper or electronically, by mail, fax, or e-mail;
Name the covered entity involved and describe the acts or omissions you believe violated the requirements of the Privacy or Security Rule; and
Be filed within 180 days of when you knew that the act or omission complained of occurred. OCR may extend the 180-day period if you can show "good cause."

ANYONE CAN FILE! - Anyone can file a complaint alleging a violation of the Privacy or Security Rule. We recommend that you use the OCR
Health Information Privacy Complaint Form Package. You can also request a copy of this form from an OCR regional office. If you need help filing a complaint or have a question about the complaint or consent forms, please e-mail OCR at OCRMail@hhs.gov.

HIPAA PROHIBITS RETALIATION - Under HIPAA an entity cannot retaliate against you for filing a complaint. You should notify OCR immediately in the event of any retaliatory action.

HOW TO SUBMIT YOUR COMPLAINT - To submit a complaint, please use one of the following methods.

If you mail or fax the complaint, be sure to send it to the appropriate
OCR regional office based on where the alleged violation took place. OCR has ten regional offices, and each regional office covers specific states. Send your complaint to the attention of the OCR Regional Manager. You do not need to sign the complaint and consent forms when you submit them by e-mail because submission by e-mail represents your signature.File A Complaint Using Our Health Information Privacy Complaint Package


File A Complaint Using Our Health Information Privacy Complaint Package

Open and fill out the
Health Information Privacy Complaint Form Package in PDF format. You will need Adobe Reader software to fill out the complaint and consent forms. You may either: print and mail or fax the completed complaint and consent forms to the appropriate OCR regional office; or
e-mail the completed complaint and consent forms to
OCRComplaint@hhs.gov.(Please note that communication by unencrypted e-mail presents a risk that personally identifiable information contained in such an e-mail, may be intercepted by unauthorized third parties.)

File A Complaint Without Using Our Health Information Privacy Complaint Package

If you choose not to use the OCR
Health Information Privacy Complaint Form Package, please provide the information specified below by either:

mail or fax to the appropriate
OCR regional office; or
e-mail to
OCRComplaint@hhs.gov.
File A Security Rule Complaint
If you prefer, you may submit a written complaint in your own format. Be sure to include the following information:
  • Your name
  • Full address
  • Telephone numbers
  • E-mail address (if available)
Name, full address and telephone number of the person, agency or organization you believe violated your (or someone else’s) health information privacy rights or committed another violation of the Privacy or Security Rule
Brief description of what happened. How, why, and when do you believe your (or someone else’s) health information privacy rights were violated, or how the Privacy or Security Rule otherwise was violated; Any other relevant information; Your signature and date of complaint
If you are filing a complaint on someone’s behalf, also provide the name of the person on whose behalf you are filing.
The following information is optional:
  • Do you need special accommodations for us to communicate with you about this complaint?
  • Who else can we call if we cannot reach you?
  • Have you filed your complaint somewhere else? If so, where?


Additional information about OCR’s enforcement activities can be found at http://www.hhs.gov/ocr.








For more information about Miami-Dade, Broward and Palm Beach County home health care for seniors and other family members, contact Brian Gauthier at A Family Member Home Care (954) 986-5090 or www.afamilymemberhomecare.com. Serving Coconut Creek Cooper City Coral Springs Dania Beach Davie Deerfield Beach Fort Lauderdale Hallandale Beach, Hillsboro Beach Hollywood Lauderdale Lakes Lauderdale-by-the-Sea Lauderhill Lazy Lake Lighthouse Point Margate Miramar North Lauderdale Oakland Park Parkland Pembroke Park Pembroke Pines Plantation Pompano Beach Sea Ranch Lakes Southwest Ranches Sunrise Tamarac Weston Wilton Manors Aventura Sunny Isles Beach Hialeah Miami Lakes Boca Raton Delray Beach

0 comments:

Post a Comment