{"description":"Documents matching 'hipaa privacy violation never gave'","count":239,"total_pages":12,"next_page_url":"https://www.federalregister.gov/api/v1/documents?conditions%5Bterm%5D=hipaa+privacy+violation+never+gave&format=json&page=2","results":[{"title":"Administrative Simplification; Adoption of Standards for Health Care Claims Attachments Transactions and Electronic Signatures","type":"Rule","abstract":"This final rule implements requirements of the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010, enacted on March 30, 2010--collectively, the Affordable Care Act. Specifically, this final rule adopts standards for health care claims attachments transactions, which will support health care claims transactions, and a standard for electronic signatures to be used in conjunction with health care claims attachments transactions.","document_number":"2026-05676","html_url":"https://www.federalregister.gov/documents/2026/03/24/2026-05676/administrative-simplification-adoption-of-standards-for-health-care-claims-attachments-transactions","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-03-24/pdf/2026-05676.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-05676.pdf?1774037709","publication_date":"2026-03-24","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"statute as the “original” <span class=\"match\">HIPAA</span> provisions. \n Section 1172(a) of the Act provides that any standard adopted by the Secretary under the <span class=\"match\">HIPAA</span> Administrative Simplification provision shall apply, in whole or in part, to the following persons, referred to as “covered entities”: (1) a health plan; (2) a health care clearinghouse; and (3) a health care provider who transmits any health information in electronic form in connection with a <span class=\"match\">HIPAA</span> transaction. In general, section 1172 of the Act provides that any standard adopted under <span class=\"match\">HIPAA</span> is to be developed,"},{"title":"Health Breach Notification Rule","type":"Rule","abstract":"The Federal Trade Commission (\"FTC\" or \"Commission\") is amending the Commission's Health Breach Notification Rule (the \"HBN Rule\" or the \"Rule\"). The HBN Rule requires vendors of personal health records (\"PHRs\") and related entities that are not covered by the Health Insurance Portability and Accountability Act (\"HIPAA\") to notify individuals, the FTC, and, in some cases, the media of a breach of unsecured personally identifiable health data.","document_number":"2024-10855","html_url":"https://www.federalregister.gov/documents/2024/05/30/2024-10855/health-breach-notification-rule","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-05-30/pdf/2024-10855.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-10855.pdf?1716986712","publication_date":"2024-05-30","agencies":[{"raw_name":"FEDERAL TRADE COMMISSION","name":"Federal Trade Commission","id":192,"url":"https://www.federalregister.gov/agencies/federal-trade-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/192","parent_id":null,"slug":"federal-trade-commission"}],"excerpts":"things, the HITECH Act sought to fill the gaps left by the <span class=\"match\">privacy</span> and security protections created under the Health Insurance Portability and Accountability Act (“<span class=\"match\">HIPAA</span>”), which was passed more than a decade earlier.\n 315 \n \n Specifically, it expanded the kinds of entities subject to the <span class=\"match\">privacy</span> and security provisions of <span class=\"match\">HIPAA</span>,\n 316 \n \n <span class=\"match\">gave</span> state attorneys general enforcement powers,\n 317 \n \n and—most relevant here—directed the Commission to issue a rule requiring entities not covered by <span class=\"match\">HIPAA</span> to provide notification of any breach of unsecured health"},{"title":"Confidentiality of Substance Use Disorder (SUD) Patient Records","type":"Rule","abstract":"The United States Department of Health and Human Services (HHS or \"Department\") is issuing this final rule to modify its regulations to implement section 3221 of the Coronavirus Aid, Relief, and Economic Security (CARES) Act. The Department is issuing this final rule after careful consideration of all public comments received in response to the notice of proposed rulemaking (NPRM) for the Confidentiality of Substance Use Disorder (SUD) Patient Records. This final rule also makes certain other modifications to increase alignment with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to improve workability and decrease burden on programs, covered entities, and business associates.","document_number":"2024-02544","html_url":"https://www.federalregister.gov/documents/2024/02/16/2024-02544/confidentiality-of-substance-use-disorder-sud-patient-records","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-02-16/pdf/2024-02544.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-02544.pdf?1707408916","publication_date":"2024-02-16","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"The Department also proposed modifications to the <span class=\"match\">HIPAA</span> Notice of <span class=\"match\">Privacy</span> Practices (NPP) in January 2021 and April 2023. \n See \n Proposed Modifications to the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> Rule to Support, and Remove Barriers to, Coordinated Care and Individual Engagement, 86 FR 6446 (Jan. 21, 2021) and <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> Rule To Support Reproductive Health Care <span class=\"match\">Privacy</span> 88 FR 23506 (Apr. 17, 2023).\n \n \n \n \n 8 \n  Within this rule the terms records and part 2 records are used interchangeably to refer to information subject to part 2.\n \n \n \n \n The 60-day public comment"},{"title":"HIPAA Privacy Rule To Support Reproductive Health Care Privacy","type":"Proposed Rule","abstract":"The Department of Health and Human Services (HHS or \"Department\") is issuing this notice of proposed rulemaking (NPRM) to solicit comment on its proposal to modify the Standards for Privacy of Individually Identifiable Health Information (\"Privacy Rule\") under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The proposal would modify existing standards permitting uses and disclosures of protected health information (PHI) by limiting uses and disclosures of PHI for certain purposes where the use or disclosure of information is about reproductive health care that is lawful under the circumstances in which such health care is provided. The proposal would modify existing standards by prohibiting uses and disclosures of PHI for criminal, civil, or administrative investigations or proceedings against individuals, covered entities or their business associates (collectively, \"regulated entities\"), or other persons for seeking, obtaining, providing, or facilitating reproductive health care that is lawful under the circumstances in which it is provided.","document_number":"2023-07517","html_url":"https://www.federalregister.gov/documents/2023/04/17/2023-07517/hipaa-privacy-rule-to-support-reproductive-health-care-privacy","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2023-04-17/pdf/2023-07517.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2023-07517.pdf?1681328717","publication_date":"2023-04-17","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"and Human Services (HHS or “Department”) proposes modifications to the Standards for <span class=\"match\">Privacy</span> of Individually Identifiable Health Information (“<span class=\"match\">Privacy</span> Rule”), issued pursuant to section 264 of the Administrative Simplification provisions of title II, subtitle F, of the Health Insurance Portability and Accountability Act of 1996 (<span class=\"match\">HIPAA</span>).\n 1 \n \n The <span class=\"match\">Privacy</span> Rule \n 2 \n \n is one of several rules, collectively known as the <span class=\"match\">HIPAA</span> Rules,\n 3 \n \n that protect the <span class=\"match\">privacy</span> and security of individuals' protected health information \n 4 \n \n (PHI), which is individually"},{"title":"Health Data, Technology, and Interoperability: ASTP/ONC Deregulatory Actions To Unleash Prosperity","type":"Proposed Rule","abstract":"This proposed rule focuses on deregulatory actions identified in HHS regulations regarding Health information technology standards, implementation specifications, and certification criteria and certification programs for health information technology, and information blocking. This proposed rule seeks to reduce burden, offer flexibility to both developers and providers, and support innovation through the removal and revisions of certain certification criteria and regulatory provisions. This proposed rule also seeks to address reported misuse and abuse of information blocking definitions and exceptions.","document_number":"2025-23896","html_url":"https://www.federalregister.gov/documents/2025/12/29/2025-23896/health-data-technology-and-interoperability-astponc-deregulatory-actions-to-unleash-prosperity","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-12-29/pdf/2025-23896.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-23896.pdf?1766438109","publication_date":"2025-12-29","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"security certification criteria does not guarantee compliance with the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> and Security Rule requirements. Further, the adoption of health IT certified to the <span class=\"match\">privacy</span> and security certification criteria does not serve as an affirmative defense, has not been identified as a mitigating factor in assessing <span class=\"match\">HIPAA</span> civil money penalties, and does not exempt a <span class=\"match\">HIPAA</span>-regulated entity from having to comply with any applicable provision of the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> or Security Rules. These facts alone have created unnecessary burden for health care providers"},{"title":"Health Breach Notification Rule","type":"Proposed Rule","abstract":"The Federal Trade Commission (\"FTC\" or \"Commission\") proposes to amend the Commission's Health Breach Notification Rule (the \"HBN Rule\" or the \"Rule\") and requests public comment on the proposed changes. The HBN Rule requires vendors of personal health records (\"PHRs\") and related entities that are not covered by the Health Insurance Portability and Accountability Act (\"HIPAA\") to notify individuals, the FTC, and, in some cases, the media of a breach of unsecured personally identifiable health data.","document_number":"2023-12148","html_url":"https://www.federalregister.gov/documents/2023/06/09/2023-12148/health-breach-notification-rule","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2023-06-09/pdf/2023-12148.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2023-12148.pdf?1686228316","publication_date":"2023-06-09","agencies":[{"raw_name":"FEDERAL TRADE COMMISSION","name":"Federal Trade Commission","id":192,"url":"https://www.federalregister.gov/agencies/federal-trade-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/192","parent_id":null,"slug":"federal-trade-commission"}],"excerpts":"the definition of “clear and conspicuous” codified in the FTC's Financial <span class=\"match\">Privacy</span> Rule.\n 35 \n \n \n \n \n 35 \n  16 CFR 313.3(b). The FTC's Financial <span class=\"match\">Privacy</span> Rule requires financial institutions to provide particular notices and to comply with certain limitations on disclosure of nonpublic personal information. Using a comprehensive definition of “clear and conspicuous” that is based on the Financial <span class=\"match\">Privacy</span> Rule definition aims to ensure consistency across the Commission's <span class=\"match\">privacy</span>-related rules.\n \n \n • Sixth, the proposed Rule would expand the required"},{"title":"Safeguarding the Rights of Conscience as Protected by Federal Statutes","type":"Rule","abstract":"The Department of Health and Human Services (HHS or the Department) is issuing this final rule to partially rescind the May 21, 2019, final rule entitled, \"Protecting Statutory Conscience Rights in Health Care; Delegations of Authority\" (\"2019 Final Rule\"), while leaving in effect the framework created by the February 23, 2011, final rule entitled, \"Regulation for the Enforcement of Federal Health Care Provider Conscience Protection Laws\" (\"2011 Final Rule\"), which has been in effect continuously since March 25, 2011. Though the 2019 Final Rule never took effect, the Department also retains, with some modifications, certain provisions of the 2019 Final Rule regarding federal conscience protections, but eliminates others that are redundant or confusing, that undermine the clarity of the statutes Congress enacted to both safeguard conscience rights and protect access to health care, or because significant questions have been raised as to their legality.","document_number":"2024-00091","html_url":"https://www.federalregister.gov/documents/2024/01/11/2024-00091/safeguarding-the-rights-of-conscience-as-protected-by-federal-statutes","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-01-11/pdf/2024-00091.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-00091.pdf?1704807917","publication_date":"2024-01-11","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"complaints of statutory <span class=\"match\">violations</span> that served as a predicate for the 2019 Final Rule, and \n \n thanks the commenters for sharing their other thoughts regarding this issue. The Department notes that OCR's overall caseload has multiplied in recent years, increasing to over 51,000 complaints in 2022—an increase of 69 percent between 2017 and 2022—with 27 percent of those complaints alleging <span class=\"match\">violations</span> of civil rights, 66 percent alleging <span class=\"match\">violations</span> of health information <span class=\"match\">privacy</span> and security laws, and 7 percent alleging <span class=\"match\">violations</span> of conscience/religious"},{"title":"Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons","type":"Proposed Rule","abstract":"The Department of Justice proposes a rule to implement Executive Order 14117 of February 28, 2024 (Preventing Access to Americans' Bulk Sensitive Personal Data and United States Government- Related Data by Countries of Concern), by prohibiting and restricting certain data transactions with certain countries or persons.","document_number":"2024-24582","html_url":"https://www.federalregister.gov/documents/2024/10/29/2024-24582/provisions-pertaining-to-preventing-access-to-us-sensitive-personal-data-and-government-related-data","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-10-29/pdf/2024-24582.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-24582.pdf?1729628118","publication_date":"2024-10-29","agencies":[{"raw_name":"DEPARTMENT OF JUSTICE","name":"Justice Department","id":268,"url":"https://www.federalregister.gov/agencies/justice-department","json_url":"https://www.federalregister.gov/api/v1/agencies/268","parent_id":null,"slug":"justice-department"}],"excerpts":"though it may be difficult.\n \n \n \n 260 \n  \n See \n Off. of the Victorian Info. Comm'r, \n Biometrics and <span class=\"match\">Privacy</span>—Issues and Challenges \n (July 2019), \n https://ovic.vic.gov.au/<span class=\"match\">privacy</span>/resources-for-organisations/biometrics-and-<span class=\"match\">privacy</span>-issues-and-challenges/ \n [\n https://perma.cc/ME8R-XWJU \n ]; \n Is Biometric Information Protected by <span class=\"match\">Privacy</span> Laws?, \n Bloomberg L. (June 20, 2024), \n https://pro.bloomberglaw.com/insights/<span class=\"match\">privacy</span>/biometric-data-<span class=\"match\">privacy</span>-laws/ \n [\n https://perma.cc/56EZ-69HK \n ].\n \n \n \n \n 261 \n  \n Id. \n \n \n \n • \n Availability: \n Moderate"},{"title":"Nondiscrimination in Health Programs and Activities","type":"Rule","abstract":"The Department of Health and Human Services (HHS or the Department) is issuing this final rule regarding section 1557 of the Affordable Care Act (ACA) (section 1557). Section 1557 prohibits discrimination on the basis of race, color, national origin, sex, age, or disability in certain health programs and activities. Section 1557(c) of the ACA authorizes the Secretary of the Department to promulgate regulations to implement the nondiscrimination requirements of section 1557. The Department is also revising its interpretation regarding whether Medicare Part B constitutes Federal financial assistance for purposes of civil rights enforcement. Additionally, the Department is revising provisions prohibiting discrimination on the basis of sex in regulations issued by the Centers for Medicare & Medicaid Services (CMS) governing Medicaid and the Children's Health Insurance Program (CHIP); Programs of All-Inclusive Care for the Elderly (PACE); health insurance issuers and their officials, employees, agents, and representatives; States and the Exchanges carrying out Exchange requirements; agents, brokers, or web-brokers that assist with or facilitate enrollment of qualified individuals, qualified employers, or qualified employees; issuers providing essential health benefits (EHB); and qualified health plan issuers.","document_number":"2024-08711","html_url":"https://www.federalregister.gov/documents/2024/05/06/2024-08711/nondiscrimination-in-health-programs-and-activities","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-05-06/pdf/2024-08711.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-08711.pdf?1714162519","publication_date":"2024-05-06","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"},{"raw_name":"Office of the Secretary"}],"excerpts":"Servs., Off. for Civil Rts., \n <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> Rule and Disclosures of Information Relating to Reproductive Health Care \n (June 29, 2022), \n https://www.hhs.gov/<span class=\"match\">hipaa</span>/for-professionals/<span class=\"match\">privacy</span>/guidance/phi-reproductive-health/index.html \n .\n \n \n \n \n 378 \n  U.S. Dep't of Health &amp; Hum. Servs., Off. for Civil Rts., \n Protecting the <span class=\"match\">Privacy</span> and Security of Your Health Information When Using Your Personal Cell Phone or Tablet \n (June 29, 2022), \n https://www.hhs.gov/<span class=\"match\">hipaa</span>/for-professionals/<span class=\"match\">privacy</span>/guidance/cell-phone-<span class=\"match\">hipaa</span>/index.html \n .\n \n \n \n \n 379"},{"title":"Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons","type":"Rule","abstract":"The Department of Justice is issuing a final rule to implement Executive Order 14117 of February 28, 2024 (Preventing Access to Americans' Bulk Sensitive Personal Data and United States Government- Related Data by Countries of Concern), by prohibiting and restricting certain data transactions with certain countries or persons.","document_number":"2024-31486","html_url":"https://www.federalregister.gov/documents/2025/01/08/2024-31486/preventing-access-to-us-sensitive-personal-data-and-government-related-data-by-countries-of-concern","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-01-08/pdf/2024-31486.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-31486.pdf?1735911918","publication_date":"2025-01-08","agencies":[{"raw_name":"DEPARTMENT OF JUSTICE","name":"Justice Department","id":268,"url":"https://www.federalregister.gov/agencies/justice-department","json_url":"https://www.federalregister.gov/api/v1/agencies/268","parent_id":null,"slug":"justice-department"}],"excerpts":"a finding of <span class=\"match\">violation</span> is warranted. \n If, after considering the response, the Department of Justice determines that a final finding of <span class=\"match\">violation</span> should be issued, the Department of Justice will issue a final finding of <span class=\"match\">violation</span> that will inform the <span class=\"match\">violator</span> of its decision. The Department shall provide the <span class=\"match\">violator</span> with the relevant information that is not privileged, classified, or otherwise protected, that forms the basis for the finding of <span class=\"match\">violation</span>. A final finding of <span class=\"match\">violation</span> shall constitute final agency action. The <span class=\"match\">violator</span> has the right"},{"title":"Prohibition on Creditors and Consumer Reporting Agencies Concerning Medical Information (Regulation V)","type":"Rule","abstract":"The Consumer Financial Protection Bureau (CFPB) is issuing a final rule amending Regulation V, which implements the Fair Credit Reporting Act (FCRA), concerning medical information. The FCRA prohibits creditors from considering medical information in credit eligibility determinations. The CFPB is removing a regulatory exception that had permitted creditors to obtain and use information on medical debts notwithstanding this statutory limitation. The final rule also provides that a consumer reporting agency generally may not furnish to a creditor a consumer report containing information on medical debt that the creditor is prohibited from using.","document_number":"2024-30824","html_url":"https://www.federalregister.gov/documents/2025/01/14/2024-30824/prohibition-on-creditors-and-consumer-reporting-agencies-concerning-medical-information-regulation-v","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-01-14/pdf/2024-30824.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-30824.pdf?1736775917","publication_date":"2025-01-14","agencies":[{"raw_name":"Consumer Financial Protection Bureau","name":"Consumer Financial Protection Bureau","id":573,"url":"https://www.federalregister.gov/agencies/consumer-financial-protection-bureau","json_url":"https://www.federalregister.gov/api/v1/agencies/573","parent_id":null,"slug":"consumer-financial-protection-bureau"}],"excerpts":"information. These commenters stated that current <span class=\"match\">privacy</span> protections are sufficient and that the CFPB had not considered or presented evidence of inappropriate practices by lenders under the current rule that warrant the change in policy. Commenters also stated that the FCRA does not delegate the power to change <span class=\"match\">privacy</span> protections to the CFPB; that the proposal might increase <span class=\"match\">privacy</span> risks, because it may require handling of medical information across more entities; and that consumers would have less <span class=\"match\">privacy</span> because of a likely increase in debt collection"},{"title":"Medicare and Medicaid Programs; Patient Protection and Affordable Care Act; Advancing Interoperability and Improving Prior Authorization Processes for Medicare Advantage Organizations, Medicaid Managed Care Plans, State Medicaid Agencies, Children's Health Insurance Program (CHIP) Agencies and CHIP Managed Care Entities, Issuers of Qualified Health Plans on the Federally-Facilitated Exchanges, Merit-Based Incentive Payment System (MIPS) Eligible Clinicians, and Eligible Hospitals and Critical Access Hospitals in the Medicare Promoting Interoperability Program","type":"Rule","abstract":"This final rule will improve the electronic exchange of health care data and streamline processes related to prior authorization through new requirements for Medicare Advantage (MA) organizations, state Medicaid fee-for-service (FFS) programs, state Children's Health Insurance Program (CHIP) FFS programs, Medicaid managed care plans, CHIP managed care entities, and Qualified Health Plan (QHP) issuers on the Federally-facilitated Exchanges (FFEs). This final rule will also add new measures for eligible hospitals and critical access hospitals (CAHs) to report under the Medicare Promoting Interoperability Program and for MIPS eligible clinicians to report under the Promoting Interoperability performance category of the Merit-based Incentive Payment System (MIPS). These policies, taken together, will reduce overall payer and provider burden and improve patient access to health information while continuing CMS's drive toward interoperability in the health care market.","document_number":"2024-00895","html_url":"https://www.federalregister.gov/documents/2024/02/08/2024-00895/medicare-and-medicaid-programs-patient-protection-and-affordable-care-act-advancing-interoperability","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-02-08/pdf/2024-00895.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-00895.pdf?1705612517","publication_date":"2024-02-08","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"},{"raw_name":"Office of the Secretary"}],"excerpts":"receive a response with no data if they do so.\n \n j. Interaction With <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span>, Security, and Administrative Transaction Rules \n \n Under our policies, all data shared and received via the Provider Access API must be handled in a way that is consistent with all applicable laws and regulations. Payers and health care providers that are covered entities under the <span class=\"match\">HIPAA</span> Rules \n 46 \n \n are subject to the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> and Security Rules.\n 47 \n \n Adherence to both the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> and Security Rules helps to ensure that the covered entity disclosing"},{"title":"Transparency in Coverage","type":"Proposed Rule","abstract":"These proposed rules set forth proposed requirements that would amend the regulations under the Public Health Service Act, the Employee Retirement Income Security Act of 1974, and the Internal Revenue Code regarding price transparency reporting requirements for non-grandfathered group health plans and health insurance issuers offering non-grandfathered group and individual health insurance coverage. Specifically, these proposed rules would improve the standardization, accuracy, and accessibility of public pricing disclosures in line with the goals of the Executive Order 14221. With respect to the in-network rate and out-of-network allowed amount machine-readable files, these proposed rules would achieve these goals by adding new contextual files and additional data elements like product type, network name, and enrollment counts; changing the reporting level for aggregation of data; removing in-network rates for unlikely provider-to-service mappings; increasing the reporting period and lowering the claims threshold for out-of-network historical data; and reducing the reporting cadence. These proposed rules would also improve the findability of all of the publicly disclosed machine- readable files required under the Transparency in Coverage rules, including the prescription drug file, by requiring a text file and footer with website URLs and contact information for the files. These proposed rules would also require pricing information that is made available through an online consumer tool and paper (upon request), to also be made available by phone, and establish that the satisfaction of such requirement also satisfies the requirements of section 114 of the No Surprises Act (including for grandfathered group health plans and health insurance issuers offering grandfathered group and individual health insurance coverage that are not otherwise subject to these proposed rules).","document_number":"2025-23693","html_url":"https://www.federalregister.gov/documents/2025/12/23/2025-23693/transparency-in-coverage","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-12-23/pdf/2025-23693.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-23693.pdf?1766178909","publication_date":"2025-12-23","agencies":[{"raw_name":"DEPARTMENT OF THE TREASURY","name":"Treasury Department","id":497,"url":"https://www.federalregister.gov/agencies/treasury-department","json_url":"https://www.federalregister.gov/api/v1/agencies/497","parent_id":null,"slug":"treasury-department"},{"raw_name":"Internal Revenue Service","name":"Internal Revenue Service","id":254,"url":"https://www.federalregister.gov/agencies/internal-revenue-service","json_url":"https://www.federalregister.gov/api/v1/agencies/254","parent_id":497,"slug":"internal-revenue-service"},{"raw_name":"DEPARTMENT OF LABOR","name":"Labor Department","id":271,"url":"https://www.federalregister.gov/agencies/labor-department","json_url":"https://www.federalregister.gov/api/v1/agencies/271","parent_id":null,"slug":"labor-department"},{"raw_name":"Employee Benefits Security Administration","name":"Employee Benefits Security Administration","id":131,"url":"https://www.federalregister.gov/agencies/employee-benefits-security-administration","json_url":"https://www.federalregister.gov/api/v1/agencies/131","parent_id":271,"slug":"employee-benefits-security-administration"},{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"}],"excerpts":"requested comment on whether a higher minimum claims threshold, such as a threshold of 20 claims, would better mitigate <span class=\"match\">privacy</span> concerns and minimize complexity in complying with Federal or State <span class=\"match\">privacy</span> laws without compromising the integrity of the compiled information.\n 99 \n \n As discussed in the 2020 final rules, some commenters expressed concerns about maintaining Health Insurance Portability and Accountability Act (<span class=\"match\">HIPAA</span>) protections on the Allowed Amount File due to the small number of claims associated with specific items and services for"},{"title":"Implementation of the Pregnant Workers Fairness Act","type":"Rule","abstract":"The Equal Employment Opportunity Commission is issuing this final rule and interpretive guidance to implement the Pregnant Workers Fairness Act, which requires a covered entity to provide reasonable accommodations to a qualified employee's or applicant's known limitations related to, affected by, or arising out of pregnancy, childbirth, or related medical conditions, unless the accommodation will cause an undue hardship on the operation of the business of the covered entity.","document_number":"2024-07527","html_url":"https://www.federalregister.gov/documents/2024/04/19/2024-07527/implementation-of-the-pregnant-workers-fairness-act","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-04-19/pdf/2024-07527.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-07527.pdf?1713194114","publication_date":"2024-04-19","agencies":[{"raw_name":"EQUAL EMPLOYMENT OPPORTUNITY COMMISSION","name":"Equal Employment Opportunity Commission","id":147,"url":"https://www.federalregister.gov/agencies/equal-employment-opportunity-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/147","parent_id":null,"slug":"equal-employment-opportunity-commission"}],"excerpts":"§ 1636.6 \n \n A State shall not be immune under the 11th Amendment to the Constitution from an action in a Federal or State court of competent jurisdiction for a <span class=\"match\">violation</span> of the PWFA. In any action against a State for a <span class=\"match\">violation</span> of the PWFA, remedies (including remedies both at law and in equity) are available for such a <span class=\"match\">violation</span> to the same extent such remedies are available for such a <span class=\"match\">violation</span> in an action against any public or private entity other than a State. \n \n \n § 1636.7 \n \n \n (a) \n In general. \n (1) The PWFA and this part do not invalidate"},{"title":"Nondiscrimination on the Basis of Sex in Education Programs or Activities Receiving Federal Financial Assistance","type":"Rule","abstract":"The U.S. Department of Education (Department) amends the regulations implementing Title IX of the Education Amendments of 1972 (Title IX). The purpose of these amendments is to better align the Title IX regulatory requirements with Title IX's nondiscrimination mandate. These amendments clarify the scope and application of Title IX and the obligations of recipients of Federal financial assistance from the Department, including elementary schools, secondary schools, postsecondary institutions, and other recipients (referred to below as \"recipients\" or \"schools\") to provide an educational environment free from discrimination on the basis of sex, including through responding to incidents of sex discrimination. These final regulations will enable all recipients to meet their obligations to comply with Title IX while providing them with appropriate discretion and flexibility to account for variations in school size, student populations, and administrative structures.","document_number":"2024-07915","html_url":"https://www.federalregister.gov/documents/2024/04/29/2024-07915/nondiscrimination-on-the-basis-of-sex-in-education-programs-or-activities-receiving-federal","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-04-29/pdf/2024-07915.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-07915.pdf?1713530716","publication_date":"2024-04-29","agencies":[{"raw_name":"DEPARTMENT OF EDUCATION","name":"Education Department","id":126,"url":"https://www.federalregister.gov/agencies/education-department","json_url":"https://www.federalregister.gov/api/v1/agencies/126","parent_id":null,"slug":"education-department"}],"excerpts":"similar records made in connection with treatment are particularly sensitive and warrant heightened <span class=\"match\">privacy</span> protections. \n \n The Department appreciates the comments regarding <span class=\"match\">HIPAA</span>, which protects the <span class=\"match\">privacy</span> and security of certain health information; however, the Department does not enforce <span class=\"match\">HIPAA</span> and lacks authority under Title IX to require recipients to comply with <span class=\"match\">HIPAA</span> through these Title IX regulations. The Department also notes that <span class=\"match\">HIPAA</span> specifically excludes from its coverage records that are protected by FERPA, including education records"},{"title":"Federal Independent Dispute Resolution Operations","type":"Rule","abstract":"This document sets forth these final rules related to certain provisions of the No Surprises Act regarding the Federal independent dispute resolution (IDR) process, which was established as part of the Consolidated Appropriations Act, 2021 (CAA). These rules finalize new requirements relating to the disclosure of information that group health plans and health insurance issuers offering group or individual health insurance coverage must include along with the initial payment or notice of denial of payment for certain items and services subject to the surprise billing protections in the No Surprises Act. These final rules also require plans and issuers to communicate information by using claim adjustment reason codes (CARCs) and remittance advice remark codes (RARCs), as specified in guidance, when providing any paper or electronic remittance advice (ERA) to an entity that does not have a contractual relationship with the plan or issuer. This document also finalizes amendments to certain requirements related to the open negotiation period preceding the Federal IDR process, the initiation of the Federal IDR process, the Federal IDR dispute eligibility review process, and the payment and collection of administrative fees and certified IDR entity fees. This document also finalizes the definition of bundled payment arrangements, amends requirements related to batched items and services and amends the rules for extensions of timeframes due to extenuating circumstances. Additionally, this document finalizes provisions that require plans and issuers to register in the Federal IDR portal. In accordance with Federal law, a summary of these rules may be found at https://www.regulations.gov/.","document_number":"2026-11140","html_url":"https://www.federalregister.gov/documents/2026/06/04/2026-11140/federal-independent-dispute-resolution-operations","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-06-04/pdf/2026-11140.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-11140.pdf?1780348210","publication_date":"2026-06-04","agencies":[{"raw_name":"OFFICE OF PERSONNEL MANAGEMENT","name":"Personnel Management Office","id":406,"url":"https://www.federalregister.gov/agencies/personnel-management-office","json_url":"https://www.federalregister.gov/api/v1/agencies/406","parent_id":null,"slug":"personnel-management-office"},{"raw_name":"DEPARTMENT OF THE TREASURY","name":"Treasury Department","id":497,"url":"https://www.federalregister.gov/agencies/treasury-department","json_url":"https://www.federalregister.gov/api/v1/agencies/497","parent_id":null,"slug":"treasury-department"},{"raw_name":"Internal Revenue Service","name":"Internal Revenue Service","id":254,"url":"https://www.federalregister.gov/agencies/internal-revenue-service","json_url":"https://www.federalregister.gov/api/v1/agencies/254","parent_id":497,"slug":"internal-revenue-service"},{"raw_name":"DEPARTMENT OF LABOR","name":"Labor Department","id":271,"url":"https://www.federalregister.gov/agencies/labor-department","json_url":"https://www.federalregister.gov/api/v1/agencies/271","parent_id":null,"slug":"labor-department"},{"raw_name":"Employee Benefits Security Administration","name":"Employee Benefits Security Administration","id":131,"url":"https://www.federalregister.gov/agencies/employee-benefits-security-administration","json_url":"https://www.federalregister.gov/api/v1/agencies/131","parent_id":271,"slug":"employee-benefits-security-administration"},{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"}],"excerpts":"non-compliance with these requirements when they become applicable, subject to workforce availability.\n \n \n \n 221 \n  \n See \n sections 502 (providing DOL with civil enforcement authority) and 504 of ERISA (providing DOL with authority to determine whether any person has <span class=\"match\">violated</span> or is about to <span class=\"match\">violate</span> any provision of ERISA or any regulation or order thereunder, including for group health plans); \n see also \n section 2723 of the PHS Act and 45 CFR 150.101\n et seq. \n (setting forth HHS's enforcement procedures related to the provisions of title XXVII of the"},{"title":"Improve Tracking of Workplace Injuries and Illnesses","type":"Rule","abstract":"OSHA is amending its occupational injury and illness recordkeeping regulation to require certain employers to electronically submit injury and illness information to OSHA that employers are already required to keep under the recordkeeping regulation. Specifically, OSHA is amending its regulation to require establishments with 100 or more employees in certain designated industries to electronically submit information from their OSHA Forms 300 and 301 to OSHA once a year. OSHA will not collect employee names or addresses, names of health care professionals, or names and addresses of facilities where treatment was provided if treatment was provided away from the worksite from the Forms 300 and 301. Establishments with 20 to 249 employees in certain industries will continue to be required to electronically submit information from their OSHA Form 300A annual summary to OSHA once a year. All establishments with 250 or more employees that are required to keep records under OSHA's injury and illness regulation will also continue to be required to electronically submit information from their Form 300A to OSHA on an annual basis. OSHA is also updating the NAICS codes used in appendix A, which designates the industries required to submit their Form 300A data, and is adding appendix B, which designates the industries required to submit Form 300 and Form 301 data. In addition, establishments will be required to include their company name when making electronic submissions to OSHA. OSHA intends to post some of the data from the annual electronic submissions on a public website after identifying and removing information that could reasonably be expected to identify individuals directly, such as individuals' names and contact information.","document_number":"2023-15091","html_url":"https://www.federalregister.gov/documents/2023/07/21/2023-15091/improve-tracking-of-workplace-injuries-and-illnesses","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2023-07-21/pdf/2023-15091.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2023-15091.pdf?1689597917","publication_date":"2023-07-21","agencies":[{"raw_name":"DEPARTMENT OF LABOR","name":"Labor Department","id":271,"url":"https://www.federalregister.gov/agencies/labor-department","json_url":"https://www.federalregister.gov/api/v1/agencies/271","parent_id":null,"slug":"labor-department"},{"raw_name":"Occupational Safety and Health Administration","name":"Occupational Safety and Health Administration","id":386,"url":"https://www.federalregister.gov/agencies/occupational-safety-and-health-administration","json_url":"https://www.federalregister.gov/api/v1/agencies/386","parent_id":271,"slug":"occupational-safety-and-health-administration"}],"excerpts":"(Docket IDs 0007, 0013). But as explained below, <span class=\"match\">HIPAA's</span> implementing regulations specifically allow employers to release workplace injury and illness data to OSHA.\n \n The U.S. Department of Health and Human Services (HHS) implements <span class=\"match\">HIPAA</span> through regulations at 45 CFR parts 160 and 164, known as the <span class=\"match\">HIPAA</span> “<span class=\"match\">Privacy</span> Rule.” The <span class=\"match\">Privacy</span> Rule protects the <span class=\"match\">privacy</span> of individually identifiable health information (referred to as “protected health information” or “PHI”) maintained or transmitted by <span class=\"match\">HIPAA</span>-covered entities and their business associates. The"},{"title":"Medicare and Medicaid Programs; CY 2026 Payment Policies Under the Physician Fee Schedule and Other Changes to Part B Payment and Coverage Policies; Medicare Shared Savings Program Requirements; and Medicare Prescription Drug Inflation Rebate Program","type":"Rule","abstract":"This major final rule addresses: changes to the physician fee schedule (PFS); other changes to Medicare Part B payment policies to ensure that payment systems are updated to reflect changes in medical practice, relative value of services, and changes in the statute; codification of establishment of new policies for: the Medicare Prescription Drug Inflation Rebate Program under the Inflation Reduction Act of 2022; the Ambulatory Specialty Model; updates to the Medicare Diabetes Prevention Program expanded model; updates to drugs and biological products paid under Part B; Medicare Shared Savings Program requirements; updates to the Quality Payment Program; updates to policies for Rural Health Clinics and Federally Qualified Health Centers; update to the Ambulance Fee Schedule regulations; codification of the Inflation Reduction Act and Consolidated Appropriations Act, 2023 provisions; updates to the Medicare Promoting Interoperability Program.","document_number":"2025-19787","html_url":"https://www.federalregister.gov/documents/2025/11/05/2025-19787/medicare-and-medicaid-programs-cy-2026-payment-policies-under-the-physician-fee-schedule-and-other","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-11-05/pdf/2025-19787.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-19787.pdf?1761945018","publication_date":"2025-11-05","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"beneficiaries. \n \n Under the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> Rule, covered entities (defined in 45 CFR 160.103 as health plans, health care providers that conduct certain transactions electronically, and health care clearinghouses) may only use or disclose protected health information (PHI), a subset of individually identifiable health information, as permitted or required by the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> Rule, without the individual's authorization. The Medicare FFS program, a “health plan” function of the Department, is subject to the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span> Rule limitations on the use"},{"title":"Medicare Program; Contract Year 2027 and Certain Contract Year 2026 Policy and Technical Changes to the Medicare Advantage Program, Medicare Prescription Drug Benefit Program, and Medicare Cost Plan Program","type":"Rule","abstract":"This final rule revises the Medicare Advantage (Part C), Medicare Prescription Drug Benefit (Part D), and Medicare cost plan regulations to implement changes related to Star Ratings, marketing and communications, drug coverage, enrollment processes, special needs plans, and other programmatic areas.","document_number":"2026-06600","html_url":"https://www.federalregister.gov/documents/2026/04/06/2026-06600/medicare-program-contract-year-2027-and-certain-contract-year-2026-policy-and-technical-changes-to","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-06/pdf/2026-06600.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-06600.pdf?1775160908","publication_date":"2026-04-06","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Centers for Medicare & Medicaid Services","name":"Centers for Medicare & Medicaid Services","id":45,"url":"https://www.federalregister.gov/agencies/centers-for-medicare-medicaid-services","json_url":"https://www.federalregister.gov/api/v1/agencies/45","parent_id":221,"slug":"centers-for-medicare-medicaid-services"}],"excerpts":"offering the plan substantially <span class=\"match\">violated</span> a material provision of the organization's contract under this part in relation to the individual . . . ,” CMS's current regulations governing the special enrollment period (SEP) for contract <span class=\"match\">violation</span> (§§ 422.62(b)(3) and 423.38(c)(8)) provide that the SEP is available where an individual demonstrates to CMS that specified criteria have been met. This SEP is only available once CMS determines that a contract <span class=\"match\">violation</span> has occurred. An individual alleging a contract <span class=\"match\">violation</span> must call 1-800-MEDICARE to explain"},{"title":"Introduction to the Unified Agenda of Federal Regulatory and Deregulatory Actions-Fall 2023","type":"Proposed Rule","abstract":"Publication of the Fall 2023 Unified Agenda of Federal Regulatory and Deregulatory Actions represents a key component of the regulatory planning mechanism prescribed in Executive Order (\"E.O.\") 12866, \"Regulatory Planning and Review,\" (58 FR 51735, as amended) and reaffirmed in E.O. 13563, \"Improving Regulation and Regulatory Review,\" (76 FR 3821) and E.O. 14094, \"Modernizing Regulatory Review,\" (88 FR 21879). The Regulatory Flexibility Act requires that agencies publish semiannual regulatory agendas in the Federal Register describing regulatory actions they are developing that may have a significant economic impact on a substantial number of small entities (5 U.S.C. 602). The Unified Agenda of Federal Regulatory and Deregulatory Actions (Unified Agenda), published in the fall and spring, helps agencies fulfill all of these requirements. All Federal regulatory agencies have chosen to publish their regulatory agendas as part of this publication. The complete publication of the Fall 2023 Unified Agenda contains the Regulatory Plans of 29 Federal agencies and 69 Federal agency regulatory agendas available to the public at www.reginfo.gov. The Fall 2023 Unified Agenda publication appearing in the Federal Register includes the Regulatory Plan and agency Regulatory Flexibility Agendas, in accordance with the publication requirements of the Regulatory Flexibility Act. Agency Regulatory Flexibility Agendas contain only those Agenda entries for rules that are likely to have a significant economic impact on a substantial number of small entities and entries that have been selected for periodic review under section 610 of the Regulatory Flexibility Act.","document_number":"2024-00476","html_url":"https://www.federalregister.gov/documents/2024/02/09/2024-00476/introduction-to-the-unified-agenda-of-federal-regulatory-and-deregulatory-actions-fall-2023","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-02-09/pdf/2024-00476.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-00476.pdf?1707399919","publication_date":"2024-02-09","agencies":[{"raw_name":"REGULATORY INFORMATION SERVICE CENTER","name":"Regulatory Information Service Center","id":449,"url":"https://www.federalregister.gov/agencies/regulatory-information-service-center","json_url":"https://www.federalregister.gov/api/v1/agencies/449","parent_id":null,"slug":"regulatory-information-service-center"}],"excerpts":"42 CFR part 2 (part 2). As required by the CARES Act, this regulation will: (1) Align certain provisions of part 2 with aspects of the <span class=\"match\">HIPAA</span> <span class=\"match\">Privacy</span>, Breach Notification, and Enforcement Rules. (2) Strengthen part 2 protections against uses and disclosures of patients' SUD records for civil, criminal, administrative, and legislative proceedings. (3) Require that a <span class=\"match\">HIPAA</span> Notice of <span class=\"match\">Privacy</span> Practices address <span class=\"match\">privacy</span> practices with respect to part 2 records.\n \n \n Summary of Legal Basis: \n Section 3221(i) of the CARES Act requires rulemaking as may be"}]}