CT Breach Notification Case Proves HITECH's Worth
Dawn McDaniel, a spokesperson for the Connecticut Insurance Department, told HealthLeaders Media in an e-mail that the bulletin is in response to "some recent data breaches, which were not reported in what we believe to be a timely manner."
Though neither OCR nor Connecticut officials would say that the breach notification change in Connecticut is a direct effect of HITECH, OCR did praise Blumenthal's actions. In an e-mail to HealthLeaders Media, an OCR spokesperson called it an illustration of the strong partnership between federal and state regulators envisioned in the HITECH act.
"The Office for Civil Rights at HHS views the actions of the Connecticut state attorney general in the Health Net matter as demonstrating the effective federal-state partnership to HIPAA compliance as envisioned by the HITECH Act," he wrote. "These actions can provide greater protections for the residents of Connecticut, and serve to stimulate a more robust culture of compliance among organizations responsible for protected health information."
The spokesman called the actual breach notification changes in Connecticut a matter "within state jurisdiction and— independent of new HITECH authorities and HIPAA requirements."
Technically, yes. But it's hard to argue that the changes are not at least a residual effect of a HITECH-granted power.
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- MU Compliance Announcement Sparks Concern, Confusion
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- Scary Financial Challenges for 2014
- MGMA Urges 'End-to-End' ICD-10 Testing
- 1 in 5 CT Screenings for Lung Cancer Results in Overdiagnosis
- Resisting the Healthcare Consolidation Frenzy
- LifePoint Bolsters Presence in Michigan's Upper Peninsula
- Give Nurses in Wheelchairs a Chance
- Telehealth Improves Patient Care in ICUs
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services