OCR Wants Your Help: How Can the HIPAA Privacy Rules Be Improved?

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a request for information about how it could modify the Health Insurance Portability and Accountability Act (HIPAA) privacy, security, and breach notification rules to improve coordinated care. OCR wants to identify privacy and security regulations that may impede the transition to value-based care or those that limit or discourage coordinated care, without meaningfully contributing to the protection of PHI (protected health information). OCR is also requesting broad input on the HIPAA rules, as well as other areas for improvement, including how to address the opioid crisis and behavioral health and account for disclosures of PHI under the HITECH (Health Information Technology for Economic and Clinical Health) Act.