| Committee/Subcommittee: | Activity: | |
| Senate Health, Education, Labor, and Pensions | Referral | |
***NONE***
***NONE***
| Sen Dodd, Christopher J. - 3/10/1999 |
TABLE OF CONTENTS:
Title I: Individual's Rights
Subtitle A: Review of Protected Health Information by
Subjects of the Information
Subtitle B: Establishment of Safeguards
Title II: Restrictions on Use and Disclosure
Title III: Sanctions
Subtitle A: Criminal Provisions
Subtitle B: Civil Sanctions
Title IV: Miscellaneous
Health Care Personal Information Nondisclosure Act of 1999 - Health Care PIN Act - Title I: Individual's Rights - Subtitle A: Review of Protected Health Information by Subjects of the Information - Requires specified parties to permit an individual who is the subject of protected health information to inspect, copy, and request amendment of the information (or, if amendment is refused, to append the individual's disagreement statement). (The list of specified parties varies from provision to provision throughout this Act. The list includes, in various provisions, such individuals and entities as health care providers, health plans, health researchers, health oversight agencies, public health authorities, employers, law enforcement officials, health or life insurers, schools, universities, and their agents.) Requires specified parties to post or provide notice of confidentiality practices. Mandates development of model notices.
Subtitle B: Establishment of Safeguards - Requires specified parties to maintain safeguards to ensure the confidentiality, security, accuracy, and integrity of protected health information. Requires specified parties to maintain a disclosure record.
Title II: Restrictions on Use and Disclosure - Prohibits specified parties from disclosing protected health information except as authorized under this title. Allows disclosure within such a party.
(Sec. 202) Requires: (1) a single authorization form for each individual for disclosure in connection with treatment, payment, and health care operations; and (2) a separate authorization for other purposes, including for disclosure with intent to sell, transfer, or use protected health information for commercial advantage. States that records of an individual's authorizations and revocations shall not be protected health information under this Act. Mandates disclosure to coroners and medical examiners. Requires development of model authorizations for circumstances other than treatment, payment and health care operations.
(Sec. 204) Allows and regulates disclosure: (1) to next of kin (or another person identified by the information subject); (2) of directory information; (3) regarding a deceased individual; (4) in emergencies; (5) for oversight, public health, or health research; (6) in civil, judicial, and administrative procedures; and (7) for law enforcement. Sets forth the rights of minors.
(Sec. 211) Mandates reporting, by code number rather than patient name, of adverse experiences regarding human drugs and licensed biological products.
(Sec. 212) Allows disclosure, if an individual pays for health care using a debit or credit card or other electronic means, of only such information as is necessary for the processing of the payment transaction or the billing or collection of amounts.
(Sec. 213) Mandates standards for disclosing, authorizing, and authenticating protected health information in electronic form.
(Sec. 214) Regulates the exercise of an information subject's rights by that individual's representatives, including after death.
(Sec. 215) Declares that: (1) Federal and State law enforcement officers shall not be personally liable for violations of this Act absent intentional conduct for commercial advantage, personal gain, or malicious harm; and (2) specified parties who make a disclosure permitted by this Act shall not be liable under common law.
Title III: Sanctions - Subtitle A: Criminal Provisions - Amends the Federal criminal code to impose criminal penalties for knowingly and intentionally obtaining, using, or disclosing protected health information in violation of title II of this Act.
Mandates regulations and procedures to permit the debarment of specified parties from receiving benefits under any Federal health programs if the managers or officers of such parties are found guilty of criminal acts under this Act, have civil penalties imposed under subtitle B, or make false statements or obstruct justice regarding illegal disclosure. Authorizes the Attorney General to provide advice, technical assistance, and guidance to reduce improper disclosure.
Subtitle B: Civil Sanctions - Imposes civil monetary penalties on specified parties if the Secretary of Health and Human Services determines a party has substantially and materially failed to comply with this Act.
(Sec. 314) Allows any individual whose rights under this Act have been knowingly or negligently violated to bring a civil action to recover preliminary and equitable relief, compensatory (or specified liquidated) damages, punitive damages (for knowing violations), and attorney's fees. Sets a time limit for the commencement of actions.
Title IV: Miscellaneous - Preempts, with exceptions, any State law enacted after the effective date of this Act relating to the privacy of protected health information.
Amends the Privacy Act of 1974 to require an agency that receives protected health information to promulgate rules to exempt a system of records within the agency from all but specified provisions of that Act.
Provides for the application of this Act to the Departments of Defense, Transportation (regarding the Coast Guard), and Veterans Affairs.