On Monday, April 12, 2023, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the HIPAA Privacy Rule to address the release of reproductive health care information to third parties for the purposes of civil, administrative, or criminal proceedings for care that is lawfully obtained.
OCR has also released a fact sheet on this NPRM. The NPRM included: (1) the addition of new protections with respect to certain information related to reproductive health care; (2) a new obligation for regulated entities to obtain “attestations” (which are different from HIPAA’s traditional authorization) before responding to requests for certain PHI related to reproductive health care; and (3) the modification of the definition of “person,” and the addition of several new definitions.Continue Reading Proposed changes to HIPAA highlight increased demands for third party access to reproductive health data