TO: | Honorable Lois W. Kolkhorst, Chair, House Committee on Public Health |
FROM: | John S O'Brien, Director, Legislative Budget Board |
IN RE: | HB300 by Kolkhorst (Relating to the privacy of protected health information; providing civil penalties.), As Introduced |
The bill would amend Chapter 181 of the Health and Safety Code to direct all covered entities to comply with the Health Insurance Portability and Accountability Act and Privacy (HIPAA) standards and rules regarding access to and use of protected health information. The bill would require a covered entity to provide a person's electronic health record within fifteen days of receiving the request for the information and would authorize the entity to charge a fee for the copy of the public health information. The bill would also establish new rules regarding record retention periods at covered entities.
The bill would require the Office of the Attorney General (OAG) to adopt rules, no later than January 1, 2012, to create and adopt a standard authoriziation form for use in complying with authorized requests for disclosure of protected health information.
The bill would increase the maximum civil penalties for violations of the Medical Privacy Act. The bill would authorize the Health and Human Services Commission (HHSC) to refer disciplinary licensing actions involving violations to the OAG for civil enforcement. The number of potential violations and the amount of penalties levied are unknown; therefore, there could be an indeterminate revenue increase to the state.
The bill would direct the OAG, in coordination with HHSC, the Texas Health Services Authority, and the Texas Department of Insurance (TDI) to conduct periodic audits of covered entities. The bill would require the OAG to adopt rules to administer the audit provisions, to review a complaint received from any individual, and to report annually to the Legislature regarding the number and type of complaints, enforcement actions, and state and federal audits.
The bill would direct HHSC, with the Texas Health Services Authority and the Texas Medical Board, to review issues regarding security and accessibility of protected health information maintained by "unsustainable" covered entities (assumed to mean a covered entity that goes out of business). The bill would require HHSC to report to the Legislature on recommendations for state agency maintenance and retention of those records.
The bill would direct the OAG to establish a task force on health information technology to develop recommendations regarding the informed consent protocols, improvements in patient access to electronic protected health information, and other issues. The bill would require the task force to submit its report of recommendations to the Legislature by January 1, 2013.
The bill would take effect September 1, 2011.
Source Agencies: | 302 Office of the Attorney General, 454 Department of Insurance, 503 Texas Medical Board, 529 Health and Human Services Commission
|
LBB Staff: | JOB, ES, CL, MB, VJC, GD
|