HOUSE OF REPRESENTATIVES

H.B. NO.

2299

TWENTY-SEVENTH LEGISLATURE, 2014

H.D. 2

STATE OF HAWAII

 

 

 

 

 

 

A BILL FOR AN ACT

 

 

RELATING TO COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT.

 

 

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF HAWAII:

 


     SECTION 1.  The purpose of this Act is to promote compliance with information privacy and security provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA; Public Law 104-191) and the related HIPAA Privacy Rule and HIPAA Security Rule.

     The department of health is considered a covered entity for purposes of HIPAA compliance and, as such, is required to designate:

(1)  A privacy official responsible for the development and implementation of privacy-related policies and procedures per 45 Code of Federal Regulations section 164.530(a)(1); and

(2)  A security official responsible for the development and implementation of security management policies and procedures per 45 Code of Federal Regulations section 164.308(a)(2).

     SECTION 2.  Chapter 321, Hawaii Revised Statutes, is amended by adding a new section to be appropriately designated and to read as follows:

     "§321-    Information privacy and security.  (a)  The department of health shall establish the following two permanent or temporary positions for the purpose of department compliance with federal information privacy and security rules:

     (1)  Privacy officer; and

     (2)  Security officer.

     (b)  The director of health may appoint the privacy officer and security officer without regard to chapter 76; provided that the exemption from chapter 76 shall expire three years after the effective date of Act    , Session Laws of Hawaii 2014, unless affirmatively extended by an act of the legislature; thereafter the director of health shall appoint the privacy officer and security officer pursuant to chapter 76."

     SECTION 3.  In codifying the new section added by section 2 of this Act, the revisor of statutes shall insert the appropriate Act number of this Act.

     SECTION 4.  New statutory material is underscored.

     SECTION 5.  This Act shall take effect on July 1, 2050.


 


 

Report Title:

Department of Health; Health Insurance Portability and Accountability Act; Compliance

 

Description:

Requires the Department of Health to establish permanent or temporary privacy officer and security officer positions in compliance with federal information privacy and security laws.  Temporarily exempts the privacy officer and security officer positions from civil service.  Effective July 1, 2050.  (HB2299 HD2)

 

 

 

The summary description of legislation appearing on this page is for informational purposes only and is not legislation or evidence of legislative intent.