What’s Happening in Privacy Policy

The Department of Health and Human Services continues to promulgate rules to implement the health information technology provisions of the “American Recovery and Reinvestment Act of 2009” (ARRA, P.L. 111-5). In addition to many provisions aimed at creating a national HIT infrastructure, ARRA also created new federal rules governing the privacy and security of health information. Meanwhile, as more health information is transmitted electronically, state and federal governments have become more deeply involved in regulating the exchange of health information.

  • For more information on OCR’s new guidance on the HIPAA privacy rule, view Guidance on HIPAA and Individual Authorization of Uses and Disclosures of Protected Health Information for Research.
  • For more information on recent congressional and regulatory privacy activity, view Recent Policy Activity.
  • For information on and resources from federal agencies and advisory committees involved in privacy policy, view Regulatory Resources.
  • For information on the congressional committees that have primary jurisdiction over health privacy issues, view Legislative Resources.
  • Health Information & the Law, a project of the Department of Health Policy and Management in the Milken Institute School of Public Health at the George Washington University, is dedicated to advancing understanding of federal and state laws that govern health information.  Products and resources, including decision-support tools for health information sharing models, are available online at HealthInfolaw.org.

Partnership to Amend 42 CFR Part 2
Infographic (Politico 42-CFR-Part 2)

Statement: Orlando Mass Shooting and the Federal HIPAA Law


Confidentiality Coalition Activity

The Confidentiality Coalition works closely with key legislators and regulators to ensure HIPAA-related privacy legislation does not impede efforts to provide safe, high-quality, and coordinated healthcare.  Read More.