The individually identifiable health information collected is used by patients and by more than 500,000 covered entities affected by the HIPAA Privacy Rule. The information is routinely used by covered entities for treatment, payment, and health care operations. In addition, the information is used for specified public policy purposes, including research, public health, and as required by other laws.
PL:
Pub.L. 104 - 191 1
Name of Law: Health Insurance Portability and Accountability Act of 1996
This information collection does not create any new requirements for regulated entities or individuals. As noted above, we have combined three existing information collections into a single collection addressing burdens associated with the HIPAA Privacy, Security, and Breach Notification Rules. In addition, we have made a number of adjustments to the estimated ongoing annual burdens to reflect our experience with the use of these provisions and increases in average wages for the applicable labor categories.
$300,000
No
No
No
No
No
Uncollected
Sherrette Funn-Coleman 2026905683
No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control number;
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
0945-0003 Supporting Statement HIPAA Combo Draft 5-27-16.docx
Less than 500 Affected Individuals (investigating and documenting breach) breaches affecting