Home |  Contact |  Site Map

 
  Firm Information  |  Attorneys  |  Industries   |  Practices   |  Publications   |  Seminars   |  Recruiting   |  Resource Centers
 

Search HIPAA






Related Services

Health Care
Insurance
Employment
 
   Health Care & Insurance

Return to HIPAA Regulations Index

Download changes to HIPAA contained in the 2009 Federal Stimulus Bill H.R. 1

RELATIONSHIP TO OTHER FEDERAL LAWS
THE PRIVACY ACT
As Contained in the HHS Final HIPAA Privacy Rules

HHS Description
Relationship to Other Federal Laws - The Privacy Act

The Privacy Act of 1974, 5 U.S.C. 552a, prohibits disclosures of records contained in a system of records maintained by a federal agency (or its contractors) without the written request or consent of the individual to whom the record pertains. This general rule is subject to various statutory exceptions. In addition to the disclosures explicitly permitted in the statute, the Privacy Act permits agencies to disclose information for other purposes compatible with the purpose for which the information was collected by identifying the disclosure as a “routine use” and publishing notice of it in the Federal Register. The Act applies to all federal agencies and certain federal contractors who operate Privacy Act systems of records on behalf of federal agencies.

Some federal agencies and contractors of federal agencies that are covered entities under the privacy rules are subject to the Privacy Act. These entities must comply with all applicable federal statutes and regulations. For example, if the privacy regulation permits a disclosure, but the disclosure is not permitted under the Privacy Act, the federal agency may not make the disclosure. If, however, the Privacy Act allows a federal agency the discretion to make a routine use disclosure, but the privacy regulation prohibits the disclosure, the federal agency will have to apply its discretion in a way that complies with the regulation. This means not making the particular disclosure.

HHS Response to Comments Received
Relationship to Other Federal Laws - The Privacy Act

Comment: One comment suggested that the final rule unambiguously permit the continued operation of the statutorily established or authorized discretionary routine uses permitted under the Privacy Act for both law enforcement and health oversight.

Response: We disagree. See the discussion of the Privacy Act in "Relationship to Other Federal Laws" above.

 

 

 
Subscribe to
HIPAA E-Alerts

Sign up to receive HIPAA Privacy & Security E-Alerts
Subscribe to HIPAA E-Alerts

Archived HIPAA E-Alerts
 

Highlights


Subscribe to the HIPAA Self-Assessment and Compliance Guide For Health Care Providers and Health Plans -- A guide for complying with the new 2009 HIPAA requirements in the Recovery Act and updated to include the new breach notification regulations.
 

 

Copyright 2005-2010, Bricker & Eckler LLP, all rights reserved.  Please read our Privacy Notice.
The words Bricker & Eckler and its logo are registered trademarks of Bricker & Eckler LLP. DISCLAIMER