House Energy and Commerce Committee Chair John Dingell (D-Mich.) and ranking member Joe Barton (R-Texas) on Tuesday plan to introduce a bill that would promote the adoption of a nationwide electronic health record system, CongressDaily reports. According to CongressDaily, the lawmakers last month released a draft of the legislation that “generated a torrent of comments from the health care, high-tech and consumer advocacy communities,” many of which focused on patient privacy concerns. In response to those concerns, the lawmakers clarified the definition of a security “breach” and increased patient privacy protections in the bill.
Under the bill, HHS would have to publish a list of entities that experience security breaches that affect more than 1,000 individuals, and health care providers would have to obtain consent from patients before they share their medical records. The legislation also would allow HHS to approve technologies equally or more effective than encryption and require notification of security breaches “without unreasonable delay,” or within 60 days, whichever is first. The bill also would clarify that criminal penalties imposed under the federal medical privacy rule issued after the enactment of the Health Insurance Portability and Accountability Act apply to individuals who improperly obtain medical records.