Healthcare Information Security

HIPAA and Compliance News

Wyoming Seeks to Repeal Hospital Privacy Regulation for HIPAA Clarity

Enacted in 1991 before HIPAA, the law has since become redundant. Lawmakers want to eliminate language that can complicate compliance and burden providers with undue risk.

HIPAA compliance state privacy laws

By Jessica Davis

- Wyoming state senators recently proposed a bill that would clarify regulations around patient privacy in the state.

Introduced on Tuesday, the legislation would repeal the state’s Hospital Records Act of 1991, which was designed to protect patient privacy rights in regards their medical records. The state law sought to provide patients with protections that federal laws did not cover, as HIPAA wasn’t enacted until 1996.

At the time, the legislation covered hospital disclosures of patient data, patient authorizations prior to disclosure, privacy practices around publishing notes, authorizations for those who can act on behalf of the patient, retention rules, and security safeguards.

While deemed effective, it became redundant after the enactment of HIPAA and its privacy and security rules, as the laws and compliance requirements are similar.

“It was the state’s attempt to protect patient information and I actually think they did a really good job,” Wyoming Hospital Association President Eric Boley told local news outlet The Sheridan Press. “But once HIPAA was enacted, some conflicts arose (between the two laws).”

“If a patient was seen in a hospital, it fell under the Hospital Records Act, but if a patient was seen in a physician’s clinic, it fell under HIPAA,” he added. “There were just discrepancies in how the medical field could comply with law.”

To Boley, those compliance complications could actually put providers at unnecessary risk. The repeal of the law is designed to create a clearer regulation without cutting back on patient privacy protections.

The updated legislation removes Hospital Records Act language, when HIPAA is involved to create a more succinct data privacy law.

For example, the quality assurance program mandated by the law would ensure organizations “record proceedings of formal quality assurance program activities and maintain documentation in a confidential manner. Quality assurance program minutes shall be available to the administrator.” The Hospital Act language was removed, while HIPAA-compliant language remained.

The new legislation will “repeal provisions related to hospital record confidentiality and disclosure; recreate provisions related to medical staff committees as specified; amend references to repealed sections; and provide for an effective date.”

The act has already passed three state Senate meetings and will move to the state House for introduction. If passed, the law would become effective by July 1, 2019.

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...