Health care accreditation firm URAC has updated its privacy and security criteria following enacted amendments to the HIPAA rules in the American Recovery and Reinvestment Act. The Washington-based firm will accept public comment through Aug. 3.
The Act requires business associates to comply with the rules as if they were covered entities. It imposes new notification requirements following breaches of personal health records data. The Act enables individuals to request from covered entities an accounting of all disclosures of their protected health information from electronic health records systems. Individuals also can receive an electronic copy of their personal health information maintained in an EHR.
Further, marketing activities using protected health information now are restricted, covered entities are instructed to limit uses and disclosure of personal health information to the "minimum necessary" to conduct a particular function, and enforcement and penalties have been stiffened.
The updated URAC standards are available at urac.org/publiccomment/. The organization's board expects to review final draft standards in October.
--Joseph Goedert
JUN 19, 2009 11:10am ET
URAC Seeks Comment on Updated Standards
Add Your Comments:
You must be registered to post a comment.
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Most Read
Most Emailed
Twitter
Facebook
LinkedIn
Current Issue
A major success factor for accountable care organizations will be linking caregivers across the spectrum of care delivery. If history is any indication, that's going to be an industrywide struggle.
Be the first to comment on this post using the section below.