Need a Quick Primer on HHS' Breach Notification Regulations?

The Academy has unveiled a new resource that should help family physicians interpret language regarding new requirements from HHS that compel covered entities and their business associates to notify individuals if their health information is released inappropriately, or breached.

The HHS requirements are outlined in the Health Information Technology for Economic and Clinical Health, or HITECH, Act, which was part of the American Recovery and Reinvestment Act of 2009. The 32-page notice of the interim final rule was published in the Aug. 24 Federal Register (32-page PDF; About PDFs).

Steven Waldren, M.D., director of the Academy's Center for Health IT, has summarized pertinent details in the interim rule and posted that information online for members to review.

"This is fairly dense language, as is often the case with government regulatory efforts," said Waldren. "In an effort to save members time and frustration, I zeroed in on a few sections of the regulations that are most likely to impact family physicians' practices."

He noted that the interim rule was effective on Sept. 29 but could be modified based on public comments received by HHS on or before Oct. 23.

In his explanation of the HHS regulations, Waldren answers questions such as

In addition, Waldren provides tips on how members can ease compliance with the regulations. A list of additional government resources also is included.