Howard Anderson writes:
Federal officials are still months away from submitting an overdue report to Congress on privacy and security requirements for personal health records vendors, which are not covered by HIPAA.
Section 13421 of the HITECH Act called for the Department of Health and Human Services to submit a report by last February on the requirements for PHR vendors and others not covered by HIPAA. But the report has been delayed while the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology worked on other projects, says Joy Pritts, ONC’s chief privacy officer. She expects the report to be completed early in 2011.
Read more on HealthInfoSecurity.com