Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 114th Congress · H.R. 4805 (Introduced in House) — To amend the Health Information Technology for Economic and Clinical Health Act to provide that information held by h... · Sec. 2

Sec. 2. Findings

436 words·~2 min read·/bill/114/hr/4805/ih/section-2

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

The Congress finds as follows: The Health Insurance Portability and Accountability Act of 1996 ( HIPAA ), through certain of its implementing regulations known as the Privacy Rule, protects the health information of enrollees of health plans and other individuals (in this section referred to as protected health information ). The HIPAA Privacy Rule applies to protected health information held by health care providers, plans, and clearinghouses, which are known as covered entities .
Such Rule also applies to vendors that perform certain functions for covered entities and thereby come into possession of protected health information. The HIPAA Privacy Rule refers to these vendors as business associates . The HIPAA Privacy Rule applies both to the internal use of protected health information by covered entities and their business associates and to the disclosure of such information to other parties. Covered entities and their business associates are subject to substantial civil and criminal penalties if they use or disclose protected health information in violation of the HIPAA Privacy Rule.
Clearinghouses play a unique, central role in the health care system, interacting with both health care providers and plans. Clearinghouses convert information from providers into claims-processing standard electronic formats and then submit the claims to the plans and finally send providers the plan payments. Claims and other data held by clearinghouses could be analyzed longitudinally and geographically, providing powerful analytical tools that could benefit the overall health care system and facilitate medical innovation in the 21st Century.
Clearinghouses are unable to unlock the benefits of such claims and other data because the HIPAA Privacy Rule assigns clearinghouses a dual role. Such clearinghouses are not only covered entities, but are also business associates. The latter role substantially restricts the ability of clearinghouses to analyze claims data. Clearinghouses should not be considered business associates and should instead have the same ability to use and disclose health-related data as other types of covered entities.
Eliminating the business-associate role of clearinghouses would not affect the applicability of the civil and criminal penalties that enforce the HIPAA Privacy Rule. Clearinghouses would continue to be subject to such penalties in their role as covered entities. In addition to the uses of health-related information that the HIPAA Privacy Rule currently authorizes for covered entities, there are several particular analytical uses that should be authorized specifically for clearinghouses because of the unique benefits that would result from authorizing those uses.
Although these particular new analytical uses should be authorized for clearinghouses, the disclosure of health information pursuant to these uses should be subject to the protection principles currently underlying the HIPAA Privacy Rule, including enforcement principles.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.