DHHS Proposed Rule Implements the HITECH Act and Amends HIPAA Rules

July 26, 2010
The Department of Health and Human Services recently published a proposed rule modifying the HIPAA privacy, security, and enforcement rules. The proposed rule implements various provisions of the HITECH Act and makes various other changes to the HIPAA rules. This update examines the most significant changes, which include requiring business associates and their subcontractors to comply with some HIPAA requirements, requiring covered entities to amend business associate agreements, and requiring covered entities to add provisions to their notices of privacy practices.