Protection of Health Information under HIPAA and the FTC Act: A Comparison V. 1

1 1 (July 28, 2022)

$handle is hein.crs/goveiab0001 and id is 1 raw text is: S\Congressional ______ R aesearch S rvice Protection of Health Information Under HIPAA and the FTC Act: A Comparison July 28, 2022 On June 24, 2022, the Supreme Court decided Dobbs v. Jackson Women's Health Organization, overturning Roe v. Wade, and holding that the U.S. Constitution does not confer a right to abortion. Following the decision, individual states may begin to prohibit abortions or enforce preexisting bans on abortion, including through the imposition of criminal penalties. This has raised concerns by some regarding the privacy of medical information from law enforcement investigations, particularly reproductive health information held by providers, health plans, smartphone apps, and others. Although Congress is considering legislation to establish a nationally applicable consumer privacy framework for digital information generally, current federal laws addressing the privacy of health information are not uniform and may depend on the type of entity holding such data. Specifically, the Privacy Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) generally applies only to protected health information (PHI) held by certain health-care-related entities, known as HIPAA covered entities. In contrast, some non-HIPAA covered entities' privacy practices may be regulated by the Federal Trade Commission Act (FTC Act). HIPAA Privacy Rule Authorized by HIPAA, the Privacy Rule was first promulgated by the Department of Health and Human Services (HHS) in 2001. The Rule generally governs the use or disclosure of PHI held by HIPAA covered entities or their business associates. On June 29, 2022, following the Dobbs decision, HHS's Office of Civil Rights (OCR) issued new guidance addressing HIPAA's protection of reproductive health information. On July 8, 2022, President Biden issued an executive order directing the Secretary of HHS to consider taking actions, including providing additional guidance, to strengthen the protection of reproductive health care services under the HIPAA Privacy Rule. HIPAA's definitions of covered entities and PHI are important to understanding the scope of protections offered by the Privacy Rule. This section describes these definitions and discusses relevant exceptions to the general prohibition against disclosure without consent, as well as the potential impact HHS's new guidance may have on such exceptions. Congressional Research Service https://crsreports.congress.gov LSB10797 CRS Legal Sidebar Prepared for Members and Committees of Congress$

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Already a HeinOnline Subscriber?

Log In

profiles profiles most

What Is HeinOnline?

Purchase Access

Log In

NEED HELP?

CONTACT US

Get started

Subscribe to our Newsletter