HIPAA

Coronavirus Testing and Privacy: Frequently Asked Questions

Who has the records of my COVID-19 test if I want to get a copy of the results? What privacy law applies?   How many entities will know that I tested positive for COVID-19?  How much detail will be collected and revealed about my COVID-19 test?  Can I get a record of everything related to

WPF Statement on COVID-19 and Changes in HIPAA Practices

In response to the COVID-19 (coronavirus) pandemic, the U.S. Department of Health and Human Services announced some changes in HIPAA practices. This statement from WPF includes the following information:  
-What are the changes to HIPAA during the COVID-19 emergency? 
-What are the privacy concerns? 
-WPF recommendations to ensure patient privacy is protected  

WPF urges National Institutes of Health to expand privacy guidance for researchers

WPF is urging the National Institutes of Health to do more to properly advise the research community and to protect data subjects in its draft guidance on data management and sharing. WPF is asking for changes to the NIH guidance because in the US, much health research data in the hands of researchers is not subject to the privacy or security rules in HIPAA.

WPF to testify before NCVHS on emerging privacy concerns in health privacy — Beyond Digitization: Artificial Intelligence, APIs, and health privacy

WPF Executive Director Pam Dixon will testify before the full committee of the National Committee on Vital and Health Statistics (NCVHS) regarding emerging privacy concerns in the healthcare environment, including the role of artificial intelligence, patient authorizations, and automated access to patient health information.  The NCVHS is the statutory [42 U.S.C. 242k(k)] public advisory body

HHS takes first-ever enforcement action under HIPAA’s right of access to health records

The Office of Civil Rights in the US Department of Health and Human Services has taken its first enforcement action under the HIPAA right of patient access to health records. HHS announced that it fined a health care provider $85,000 for failing to provide health care records to a patient upon written request, stating in