 |
| HHS Issues First Guidance On New Patient
Privacy Regulations |
|
(Press release from the Department of Health and Human
Services)
Date: July 6, 2001
Headline: HHS ISSUES FIRST
GUIDANCE ON NEW PATIENT PRIVACY PROTECTIONS
The Department of
Health and Human Services (HHS) today issued the first in a series of guidance
materials on new federal privacy protections for medical records and other
personal health information.
Today's guidance explains and clarifies
key provisions of the medical privacy regulation, which was published last
December. Providing this guidance is part of an ongoing process to help health
care providers and health plans come into compliance with the regulation by
April 14, 2003.
"The patient privacy rule will provide strong
protections for personal health information while maintaining the high quality
of care that Americans expect," HHS Secretary Tommy G. Thompson said. "This
guidance is an opening step in helping physicians, health care providers and
health plans understand their obligations to patients under the
rule."
The guidance -- available on the Web at
http://www.hhs.gov/ocr/hipaa -- answers common questions about the new
protections for consumers and requirements for doctors, hospitals, other
providers, health plans and health insurers, and health care clearinghouses. It
also clarifies some of the confusion regarding the meaning of key provisions of
the rule.
For example, the guidance makes clear that hospitals do not
have to build private, soundproof rooms to prevent overheard conversations
about a patient's condition, as some mistakenly believed. Rather, the rule
simply requires that hospitals provide reasonable safeguards to protect
confidential information - such as using curtains, screens or similar barriers,
which are often already used. The guidance also indicates that the rule allows
a friend or relative to pick up a patient's prescription at the pharmacy, as
often occurs today.
Congress in 1996 recognized the need for national
patient privacy standards and set a three-year deadline for itself to enact
such protections as part of the Health Insurance Portability and Accountability
Act of 1996 (HIPAA). When Congress did not enact such legislation after three
years, the law required HHS to adopt such protections via
regulation.
HHS proposed federal privacy standards in 1999 and, after
reviewing and considering more than 50,000 public comments on them, published
final standards in December 2000. Secretary Thompson requested public comment
on the rule this spring before allowing the rule to take effect on April
14.
The guidance addresses many key issues of concern reflected in the
more than 11,000 separate public comments on the final rule submitted to HHS
during a 30-day comment period this March. Topics include patient consent,
parental rights, marketing, medical research and governmental access
issues.
Most covered entities have until April 14, 2003, to comply with
the patient privacy rule; small health plans have an additional year to comply.
HHS' Office for Civil Rights will conduct extensive outreach to consumers and
health care providers to explain what the rule means for them. HHS also will
provide technical assistance and further guidance to health care providers and
other covered entities to help them comply.
As permitted under the HIPAA
law itself, HHS also expects to propose appropriate changes to the rule in
order to ensure that it does not adversely affect patients' access to quality
health care. For example, Secretary Thompson has said he intends to propose
modifications to ensure that a pharmacist can fill a phoned-in prescription for
a new patient, even when the pharmacist does not first have the patient's
signed consent on file. |
|
|
|
|
|
