OMB Completes HIPAA Rules Review

The Office of Management and Budget (OMB) has finished its review of proposed rules related to changes to HIPAA privacy and security rules, meaning the rules could hit the streets this week.

The OMB reports that it has concluded its regulatory review of the rules HHS sent in April.

Jana Aagaard, Of Counsel, Catholic Healthcare West in the Sacramento Legal Department and of the Law Office of Jana Aagaard in Carmichael, CA, told HealthLeaders Media that regulations could be released as soon as Wednesday. If that's the case, they would be posted in the Federal Register formally a few days later, Aagaard said.

It is unclear exactly which proposed rules will be released. According to the OMB website, HHS "will issue rules to modify the HIPAA Privacy, Security, and Enforcement Rules as necessary to implement the privacy, security, and certain enforcement provisions of subtitle D of the [HITECH]."

In March, the Office for Civil Rights (OCR), which enforces the HIPAA privacy and security rules under HHS, said forthcoming regulations would include:

• Business associate (BA) liability
• New limitations on the sale of personal health information, marketing, and fundraising communications
• Stronger individual rights to access electronic medical records and restricting the disclosure of certain information

The industry has been waiting on rules from OCR concerning HITECH provisions effective February 17.