San Antonio Express-News reports on a new state privacy law in Texas that will place more stringent requirements on physicians and other entities using electronic health records (EHRs). HB 300 took effect September 1 and expands existing requirements under HIPAA. Changes include a broader definition of “covered entities” to anyone who handles protected health information, including business associates, schools and researchers. Covered entities must prominently display notices on authorized disclosures, and patient consent is required for certain other disclosures. The law also requires entities to comply with patient requests for their EHRs within 15 days.
If you want to comment on this post, you need to login.