Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 119th Congress · S. 3097 (Introduced in Senate) — To provide additional protections with respect to health information, and for other purposes. · Sec. 6

Sec. 6. Patient notification requirements under the HIPAA privacy regulations

299 words·~1 min read·/bill/119/s/3097/is/section-6

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Any regulated entity or service provider who gains access to the protected health information of an individual through the patient right of access under section 164.524 of title 45, Code of Federal Regulations (or any successor regulations) shall— provide a written plain language notification to such individual prior to accessing such information— that such protected health information will no longer be subject to the protections under the HIPAA privacy regulation; and that includes an explanation of how and to which entities such protected health information may be redisclosed; and require the consent of the individual before selling such protected health information to third parties.
Any regulated entity or service provider who offers digital technology that generates wellness data about individuals shall, with respect to each individual who uses such technology— provide a written plain language notification to the individual in advance of initiating the generation of such data that such data will not be subject to the protections of the HIPAA privacy regulation; and offer the individual an opportunity to opt out of such wellness data generation. In this subsection, the term wellness data means data generated for the purpose of promoting health or preventing disease, which may include vital statistics, step counts, and medical regimen compliance.
In this section— the terms business associate , covered entity , and protected health information have the meanings given such terms in section 160.103 of title 45, Code of Federal Regulations (or any successor regulations); the term HIPAA privacy regulation has the meaning given such term in section 1180(b)(3) of the Social Security Act ( 42 U.S.C. 1320d–9(b)(3) ); and the terms regulated entity and service provider have the meanings given such terms in section 2. This section shall take effect beginning one year after the date of enactment of this Act.
Connections1 off-index
1 reference not yet in our index
  • 42 USC 1320d–9(b)(3)
Citation graph
cites case law
Sec. 6
Patient notification requirements under the HIPAA privacy regulations
Cite42 USC 1320d–9(b)(3)
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.