PrivacyPro Reference Library Updates


Published on

Many regulatory updates have been made for the period of February 19 – June 12, 2019. Highlights of the changes are as follows:

  • Changes to language and final actions for new Massachusetts, Colorado and Washington State breach and privacy laws.
  • The new Conscience Final Rule – this could have implications for notices that are sent that may involve the NPP (Notice of Privacy practices) and OCR enforcement which could open an investigation into privacy and security if a complaint about the Conscience rule is investigated. A summary sheet is available in the Reference Library about this and the next two items.
  • The new NPRM (Notice of Proposed Rule Making) for non-discrimination (sexual identity and tag lines) – this has provisions that are tied to privacy notices. No changes to the privacy notice policy has been adopted yet as the rule is only ‘proposed’ at this point.
  • New Business Associate liability fact sheet
  • Password change guidance in policy templates
  • Added 42 CFR Part 2 summary for disclosures into policy templates
  • Added audit log retention into policy templates
  • Added ONC 21st Century Cures act Interoperability and information blocking information
  • GDPR vs HIPAA differences document

Current customers can find the entire Regulatory Update Summary Excel document using the link below. This and earlier versions of this document are always available in the first folder of the “Reference Library” entitled “aa Introduction to the Library / Regulatory and Revision History.”

Kelly McLendon