The Department of Health and Human Services’ Office for Civil Rights has released guidance on methods for de-identification of protected health information in accordance with the HIPAA Privacy Rule. The guidance synthesizes stakeholder input solicited during a March workshop in Washington, DC, consisting of panel sessions on topics related to identification methodologies and policies. Wiley Rein’s Kirk Nahra, CIPP/US, says the new guidance “satisfies one of the many remaining HITECH obligations for HHS. It is a very technical and complicated document and breaks little new ground. It is mainly a ‘best practices’ document rather than new guidance or change in interpretation or approach. We can only hope that issuance of this guidance—which has a September 4 date on it, despite being issued on November 26—means that other HITECH/HIPAA guidance, including the long anticipated final rules, are coming soon.” Meanwhile, feedback on stage three of the HITECH Act’s electronic health record incentive program is being accepted through January 14.
If you want to comment on this post, you need to login.