Dr. McGuinness: and there are other federal privacy laws, or laws interpreted to extend privacy protections to consumers that intersect with HIPAA:
Gramm Leach Bliley Fair Debt Collection Practices Act Fair Credit Reporting Act Federal Trade Commission Act, Section 5 (this was the federal statute deployed by the FTC in regard to the now infamous Eli Lilly July, 2001, MediMessenger medical privacy situation) Computer Fraud Act (used in Dartmouth/New Hampshire alleged medical privacy breach case last year) and of course we'll need to see whether or not one of the On Line Privacy bills pending in the House or Senate passes... we'll need a formidable spreadsheet for our comparison. Leslie Bender, Esq. Leslie C. Bender, P.A. 1922 Greenspring Drive, Suite 7 Timonium, Maryland 21093 Ph: 410-453-4125 Fax: 410-453-4126 www.roiWebEd.com ---------- Original Message ---------------------------------- From: <[EMAIL PROTECTED]> Reply-To: <[EMAIL PROTECTED]> Date: Fri, 27 Sep 2002 01:17:07 -0400 >Andrea, I am unaware of any specific privacy requirements under CLIA, I >believe that HIPAA would control. So I don't see conflict. > >522a or the Privacy Act of 1974 dictates privacy on the Federal Agency >Level - thus would govern all federal agencies, and their contractors. It >also affects state and local government, and their contractors. It required >the same rules for the contractors as it does for the agencies. It has >numerous conflicts and overlaps with HIPAA, and deals with issues not >included in HIPAA's Privacy Rule as well. A link for the reg is: >http://www.hipaahelpnow.com/privacy_act_1974.htm > >Where this gets seriously complicated is for Federal Agencies who are also >HIPAA Covered Entities. To date, I have not seen a comparison matrix of the >two. Though HCCO will examine the requirements in some deal later on >through it's harmonization initiatives. > >Another regulation that also affects HIPAA Privacy in significant ways is >the ICH/FDA GCP. The GCP regulation with the most impact to Privacy AND >Security is 21CFR11. You may find links to the specific components of GCP >on http://www.hipaahelpnow.com/hipaa_regulations_regs.htm at the bottom of >the page. 21CFR11 has profound impact for providers who engage in clinical >trials, and it affects their patient records, privacy, and security >(overlapping the Privacy and Security rules). > >Once we collectively get past Privacy compliance, and significant effort >will be needed to harmonize these regulations and HIPAA, as well as FERPA, >so as to enable the HIPAA covered entities to rationally address the >parallel compliance efforts required. > >I would be happy to discuss these issues in more detail off-line, as well as >anyone who would like to collaborate in comparative harmonization efforts. > >Tim McGuinness, Ph.D. >Consulting Specialist in Regulatory Privacy, Security, and Application >Compliance (HIPAA/ASCA/FDA/CMS-HCFA/ICH/ADA 508c), >[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > >President, >HIPAA Help Now >[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> >www.hipaahelpnow.com <http://www.hipaahelpnow.com/> > >Executive Co-Chairman for Privacy, >HIPAA Conformance Certification Organization (HCCO) >www.hcco.us > >__________________________________________________________________ >Phone: 727-787-3901 Cell: 305-753-4149 Fax: 240-525-1149 >Instant Messengers: ICQ# 22396626 - MSN IM: [EMAIL PROTECTED] - >Yahoo IM timmcguinness - AOL IM: mcguinnesstim >__________________________________________________________________ > > >=========================================================================== > >IMPORTANT NOTICE: This communication, including any attachment, contains >information that may be confidential or privileged, and is intended solely >for the entity or individual to whom it is addressed. If you are not the >intended recipient, please notify the sender at once, and you should delete >this message and are hereby notified that any disclosure, copying, or >distribution of this message is strictly prohibited. Nothing in this email, >including any attachment, is intended to be a legally binding signature. > > > >-----Original Message----- >From: Zalewski Andrea [mailto:[EMAIL PROTECTED]] >Sent: Thursday, September 26, 2002 11:40 AM >To: [EMAIL PROTECTED] >Subject: CLIA and USC 522a exemptions under Privacy > > >Does anyone have specific information, or links to such information, >regarding how CLIA and the USC 522a regulations affect the Privacy Rule? > >Andrea R. Zalewski >Director of Quality Assurance and HIPAA >HCA Physician Services > > >"Quality is never an accident; it is the result of high intention, sincere >effort, intelligent direction and skillful execution; it represents the wise >choice of many alternatives." -- Willa A. Foster > >The documents accompanying this transmission contain confidential privileged >information. The information is the property of the sender and intended >only for use by the individual or entity named above. The recipient of this >information is prohibited from disclosing the contents of the information to >another party. > > > >If you are neither the intended recipient or the employee or agent >responsible fore delivery to the intended recipient, you are hereby notified >that disclosure of contents in any manner is strictly prohibited. Please >notify Andrea Zalewski by calling 615-373-7434 immediately if you received >this information in error. > > > >To be removed from this list, go to: >http://snip.wedi.org/unsubscribe.cfm?list=privacy >and enter your email address. > >The WEDI SNIP listserv to which you are subscribed is not moderated. The >discussions on this listserv therefore represent the views of the individual >participants, and do not necessarily represent the views of the WEDI Board >of >Directors nor WEDI SNIP. If you wish to receive an official opinion, post >your question to the WEDI SNIP Issues Database at >http://snip.wedi.org/tracking/. >Posting of advertisements or other commercial use of this listserv is >specifically prohibited. > >********************************************************************** >To be removed from this list, go to: >http://snip.wedi.org/unsubscribe.cfm?list=privacy >and enter your email address. > >The WEDI SNIP listserv to which you are subscribed is not moderated. The >discussions on this listserv therefore represent the views of the individual >participants, and do not necessarily represent the views of the WEDI Board >of >Directors nor WEDI SNIP. If you wish to receive an official opinion, post >your question to the WEDI SNIP Issues Database at >http://snip.wedi.org/tracking/. >Posting of advertisements or other commercial use of this listserv is >specifically prohibited. > > ________________________________________________________________ Sent via the WebMail system at mail.theroi.com ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address. The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited.
