118 HR 6764 IH: Patient Privacy and Caregiver Awareness Act of 2023
U.S. House of Representatives
2023-12-13
text/xml
EN
Pursuant to Title 17 Section 105 of the United States Code, this file is not subject to copyright protection and is in the public domain.
1.This Act may be cited as the Patient Privacy and Caregiver Awareness Act of 2023
.2.Modification of HIPAA privacy regulation(a)Not later than 1 year after the date of the enactment of this section, the Secretary of Health and Human Services shall revise the HIPAA privacy regulation to require that, if an individual (or a personal representative of the individual or another person responsible for the care of the individual) provides consent in accordance with such regulation for a covered entity to use or disclose any protected health information of the individual that is related to a mental health condition or a substance use disorder—(1)the authorization with respect to such use or disclosure shall have an expiration date that is not less than 2 years after the date on which such consent is provided; and(2)the covered entity shall provide the individual (and, in the case that such consent is provided by a personal representative or another person responsible for the care of the individual, such personal representative or person so responsible) with written notice of the expiration of such authorization not later than the date that is 30 days before such expiration date.(b)In this section, the following definitions apply:(1)The term HIPAA privacy regulation has the meaning given such term in section 1180(b)(3) of the Social Security Act (42 U.S.C. 1320d–9(b)(3)).(2)The terms authorization, covered entity, and protected health information have the meanings given such terms for purposes of the HIPAA privacy regulation.