42 U.S. Code § 1320d–9 - Application of HIPAA regulations to genetic information
prev | next
(a) In general
The Secretary shall revise the HIPAA privacy regulation (as defined in subsection (b)) so it is consistent with the following:
(1) Genetic information shall be treated as health information described in section 1320d (4)(B) of this title.
(2) The use or disclosure by a covered entity that is a group health plan, health insurance issuer that issues health insurance coverage, or issuer of a medicare supplemental policy of protected health information that is genetic information about an individual for underwriting purposes under the group health plan, health insurance coverage, or medicare supplemental policy shall not be a permitted use or disclosure.
For purposes of this section:
(1) Genetic information; genetic test; family member
(2) Group health plan; health insurance coverage; medicare supplemental policy
(3) HIPAA privacy regulation
(4) Underwriting purposes
The term “underwriting purposes” means, with respect to a group health plan, health insurance coverage, or a medicare supplemental policy—
(A) rules for, or determination of, eligibility (including enrollment and continued eligibility) for, or determination of, benefits under the plan, coverage, or policy;
(C) the application of any pre-existing condition exclusion under the plan, coverage, or policy; and
The revisions under subsection (a) shall be made by notice in the Federal Register published not later than 60 days after May 21, 2008, and shall be effective upon publication, without opportunity for any prior public comment, but may be revised, consistent with this section, after opportunity for public comment.
In addition to any other sanctions or remedies that may be available under law, a covered entity that is a group health plan, health insurance issuer, or issuer of a medicare supplemental policy and that violates the HIPAA privacy regulation (as revised under subsection (a) or otherwise) with respect to the use or disclosure of genetic information shall be subject to the penalties described in sections 1320d–5 and 1320d–6 of this title in the same manner and to the same extent that such penalties apply to violations of this part.
 See References in Text note below.
Source(Aug. 14, 1935, ch. 531, title XI, § 1180, as added Pub. L. 110–233, title I, § 105(a),May 21, 2008, 122 Stat. 903.)
References in Text
The Genetic Information Nondiscrimination Act of 2007, referred to in subsec. (b)(1), probably means the Genetic Information Nondiscrimination Act of 2008, Pub. L. 110–233, May 21, 2008, 122 Stat. 881. For complete classification of this Act to the Code, see Short Title note set out under section 2000ff of this title and Tables.
Section 264 of the Health Insurance Portability and Accountability Act of 1996, referred to in subsec. (b)(3), is section 264 ofPub. L. 104–191, which is set out as a note under section 1320d–2 of this title.
Pub. L. 110–233, title I, § 105(b)(2),May 21, 2008, 122 Stat. 905, provided that: “The amendment made by subsection (a) [enacting this section] shall take effect on the date that is 1 year after the date of the enactment of this Act [May 21, 2008].”
Pub. L. 110–233, title I, § 105(b)(1),May 21, 2008, 122 Stat. 905, provided that: “Not later than 12 months after the date of the enactment of this Act [May 21, 2008], the Secretary of Health and Human Services shall issue final regulations to carry out the revision required by section 1180(a) of the Social Security Act [42 U.S.C. 1320d–9 (a)], as added by subsection (a). The Secretary has the sole authority to promulgate such regulations, but shall promulgate such regulations in consultation with the Secretaries of Labor and the Treasury.”
LII has no control over and does not endorse any external Internet site that contains links to or references LII.