Standards for Privacy of Individually Identifiable Health Information and Supporting Regulations at 45 CFR Parts 160 and 164

ICR 201710-0945-002

OMB: 0945-0003

Federal Form Document

Forms and Documents
Document
Name
Status
Justification for No Material/Nonsubstantive Change
2017-10-12
Supporting Statement A
2016-06-10
IC Document Collections
IC ID
Document
Title
Status
221884
Unchanged
221883
Unchanged
221882
Unchanged
221881
Unchanged
221880
Unchanged
221879
Unchanged
221878
Unchanged
221877
Unchanged
221876
Unchanged
221875
Unchanged
221874
Unchanged
221872
Unchanged
221871
Unchanged
221870
Unchanged
221869
Unchanged
221868
Unchanged
221866
Unchanged
221862
Unchanged
221861
Unchanged
221860
Unchanged
221859
Unchanged
208573
Modified
190153
Unchanged
190152
Unchanged
190151
Unchanged
190150
Unchanged
190149
Unchanged
190147
Unchanged
190146
Unchanged
190145
Unchanged
190144
Unchanged
190143
Unchanged
10428
Unchanged
ICR Details
0945-0003 201710-0945-002
Historical Active 201603-0945-001
HHS/OCR 20296
Standards for Privacy of Individually Identifiable Health Information and Supporting Regulations at 45 CFR Parts 160 and 164
No material or nonsubstantive change to a currently approved collection   No
Regular
Approved without change 04/09/2018
Retrieve Notice of Action (NOA) 10/17/2017
  Inventory as of this Action Requested Previously Approved
09/30/2019 09/30/2019 09/30/2019
1,015,548,443 0 1,015,728,443
921,813,708 0 921,822,708
0 0 0
The individually identifiable health information collected is used by patients and by more than 500,000 covered entities affected by the HIPAA Privacy Rule. The information is routinely used by covered entities for treatment, payment, and health care operations. In addition, the information is used for specified public policy purposes, including research, public health, and as required by other laws.
PL: Pub.L. 104 - 191 1 Name of Law: Health Insurance Portability and Accountability Act of 1996
  
None
Not associated with rulemaking
  81 FR 14453 03/17/2016
81 FR 31646 05/19/2016
No
33
IC Title Form No. Form Name
Media Notice
Amendment of Protected Health Information (requests)
Amendment of Protected Health Information (denials)
Accounting for Disclosures of Protected Health Information
Contingency Plan- Criticality Analysis
Maintenance Records
Individual Notice-Substitute Notice (staffing toll-free number)
Individual Notice-Substitute Notice (individuals' voluntary burden to call toll-free number for information)
Less than 500 Affected Individuals (investigating and documenting breach)
Risk Analysis-Documentation
Security Reminders- Periodic Updates
Security Incidents (other than breaches)- Documentation
Contingency Plan- Testing and Revision
Information System Activity Review- Documentation
Individual Notice- Written and E-mail Notice (drafting)
Individual Notice- Substitute Notice (posting or publishing)
Security Incidents- Business Associate reporting of incidents (other than breach) to Covered Entities
Documentation - Review and Update
Individual Notice-Written and E-mail Notice (preparing and documenting notification)
Individual Notice-Written and E-mail Notice(processing and sending)
Notice to Secretary (notice for breaches affecting fewer than 500 individuals)
500 or More Affected Individuals (investigating and documenting breach)
Less than 500 Affected Individuals (investigating and documenting breach) breaches affecting <10 individuals
Rights to request privacy protection for protected health information
Notice to Secretary (notice for breaches affecting 500 or more individuals)
Process for Requesting Exception Determinations (states or persons)
Uses and Disclosures-Organizational Requirement
Uses and Disclosures for which Individual authorization is required
Uses and Disclosures for Research Purposes
Notice of privacy Practices for Protected Health Information/health plan distribution paper mail
Notice of Privacy Practices for Protected Health Information (health care providers - dissemination/acknowledgement
Notice of Privacy Practice for Protected Health Information (Health plans- periodic distribution of NPPs by electronic mail)
Access of Individuals to Protected Health Information (disclosures)
  Total Approved Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 1,015,548,443 1,015,728,443 0 0 -180,000 0
Annual Time Burden (Hours) 921,813,708 921,822,708 0 0 -9,000 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0
No
Yes
Miscellaneous Actions
This information collection does not create any new requirements for regulated entities or individuals. As noted above, we have combined three existing information collections into a single collection addressing burdens associated with the HIPAA Privacy, Security, and Breach Notification Rules. In addition, we have made a number of adjustments to the estimated ongoing annual burdens to reflect our experience with the use of these provisions and increases in average wages for the applicable labor categories.
$300,000
No
    No
    No
No
No
No
Uncollected
Sherrette Funn-Coleman 2026905683
  No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
10/17/2017
© 2024 OMB.report | Privacy Policy