The 21st Century Cures Act fundamentally changes how patients can interact with their health information — and October 6 is a significant milestone for these changes.
Starting on October 6, the definition of electronic health information (EHI) will include “the entire scope of the EHI definition [i.e., ePHI that is or would be in a Designated Record Set (DRS)].”
In August, the Office for Civil Rights (OCR) announced a settlement with New England Dermatology P.C., known as New England Dermatology and Laser Center, over the improper disposal of PHI, which is a potential HIPAA Privacy Rule violation.
In early June, Congress released a bipartisan draft bill called the American Data Privacy and Protection Act. The goal of this bill is to create a regulation that organizations in any industry would need to accord with compliance. On the surface, this sounds great, but in reality, it is unrealistic.
