HHS Issues Interim Final Rule for Breach Notification under the HITECH Act and Designates OCR Regional Office Privacy Advisors

On August 24, 2009, U.S. Department of Health and Human Services (HHS) published an interim final rule on breach notification requirements that implements provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act, passed as part of American Recovery and Reinvestment Act of 2009 (ARRA). The new regulations require health care providers, health plans, and other entities (including business associates) covered by the Health Insurance Portability and Accountability Act (HIPAA) to notify individuals when their health information is breached.


Click the link below to read the full alert.