The Center For Democracy and Technology (CDT) just sent out this announcement:
The U.S. Department of Health and Human Services (HHS) proposed a set of significant updates to health privacy rules. The proposed rule tackles how sensitive patient information is handled under the Health Insurance Portability and Accountability Act (HIPAA), which is the nation’s foremost health privacy law. The rule is open for public comment until September 13th, and CDT intends to file a set during this period.
Although the proposed rule does not clarify some outstanding issues in the health information technology (health IT) area, CDT is encouraged that HHS’ proposed rule would strengthen patient privacy, data security and enforcement of the law. The proposed rule contains numerous changes to the HIPAA Privacy Rule; of those changes, CDT considers the four discussed below to be the most consequential.
1) Business Associates
2) Enforcement
3) Marketing
4) Research
Read their analysis and commentary at http://cdt.org/policy/cdt-breaks-down-proposed-changes-hipaa