Home Health & Hospice Week

Industry Note:

2 States Expand Patient Privacy Breach Notification Requirements

If you live in certain states, you may need to tighten up your patient privacy practices. "California and Texas have both significantly expanded statutes that require notifications in the event of a data breach," warns law firm Sidley Austin in an update on its website. Texas also created "significant new protections for health information," Sidley notes. The new California law mandates notification to the California Attorney General when a breach involves more than 500 Californians, Sidley explains. The law also contains new content requirements for notification letters. Under Texas' new law, providers now must notify affected Texans plus affected residents of other states that lack breach notification laws, Sidley says. The notification of other states' residents is "novel," the law firm observes. Remember: Stricter state law requirements trump federal HIPAA rules, legal experts point out.
You’ve reached your limit of free articles. Already a subscriber? Log in.
Not a subscriber? Subscribe today to continue reading this article. Plus, you’ll get:
  • Simple explanations of current healthcare regulations and payer programs
  • Real-world reporting scenarios solved by our expert coders
  • Industry news, such as MAC and RAC activities, the OIG Work Plan, and CERT reports
  • Instant access to every article ever published in Revenue Cycle Insider
  • 6 annual AAPC-approved CEUs
  • The latest updates for CPT®, ICD-10-CM, HCPCS Level II, NCCI edits, modifiers, compliance, technology, practice management, and more

Other Articles in this issue of

Home Health & Hospice Week

View All