Photo of Anna D. Kraus

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience with, and valuable insight into, the programs and issues within the purview of HHS, including Medicare, Medicaid, fraud and abuse, and health information privacy. Ms. Kraus regularly advises clients on Medicare reimbursement matters, the Medicaid Drug Rebate program, health information privacy issues (including under HIPAA and the HITECH Act), and the challenges and opportunities presented by the Affordable Care Act.

The U.S. Department of Health and Human Services (HHS) recently released guidance on methods for de-identification of protected health information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.  The guidance, which was required under Section 13424(c) of the Health Information Technology for Economic and Clinical Health (HITECH) Act, answers questions about the two methods that can be used to satisfy the HIPAA de-identification standard in  45 C.F.R. § 164.514.  It also incorporates input from stakeholders that HHS received at a workshop held in March 2010.

As summarized in the figure below, the two methods by which health information can be designated as de-identified under HIPAA are (1) the “expert determination” method and (2) the “safe harbor” method.

 

Source:HHS Guidance Regarding Methods for De-identification of PHI in Accordance with the HIPAA Privacy Rule

Continue Reading HHS Releases Guidance on HIPAA De-Identification Standard