Mid week update

Federal News Radio, among other sources, reports on the House Federal Workforce Subcommittee hearing concerning the Postal Service's plan to withdraw from the FEHBP.  The hearing was held yesterday  morning. The report describes the lawmaker's reaction as skeptical. The FEHBlog suggest reading Walton Francis's testimony before the Committee which places the issue in perspective and explains the skepticism.

Last year, a federal employee sued OPM in federal court to force the agency to cover her same sex spouse. OPM had declined the request based on the Defense of Marriage Act. The federal court which sits in San Francisco (which is not a crack because the Judge is a George W. Bush appointee) held that the Defense of Marriage Act is unconstitutional as applied to this case. The Court ordered OPM to grant the federal employee's request. Although the case has been appealed to the Ninth Circuit, no party sought to stay this order, and the Washington Post reported yesterday that OPM appropriately has complied with the order. The U.S. Court of Appeals for the First Circuit, which sits in Boston, will consider the same issue in arguments to be made before the entire court (rather than a three judge panel) on April 4.

The Federal Trade Commission did release its consumer privacy framework on Monday. "The final report calls on companies handling consumer data to implement recommendations for protecting privacy, including:

• Privacy by Design - companies should build in consumers' privacy protections at every stage in developing their products. These include reasonable security for consumer data, limited collection and retention of such data, and reasonable procedures to promote data accuracy;
• Simplified Choice for Businesses and Consumers - companies should give consumers the option to decide what information is shared about them, and with whom. This should include a Do-Not-Track mechanism that would provide a simple, easy way for consumers to control the tracking of their online activities.
• Greater Transparency - companies should disclose details about their collection and use of consumers' information, and provide consumers access to the data collected about them."

Closer to home, Fierce Health IT reports that the mega-rule implementing the 2009 HITECH Act's changes to the HIPAA Privacy and Security Rules applicable to FEHB plans, other health plans, health care providers, healthcare clearinghouses, and their business associates has been sent to the U.S. Office of Management and Budget for its final review before the rule is published in the Federal Register.

[The rule] combines four separate rulemakings: the changes to HIPAA's privacy and security rules mandated by the HITECH Act; the new enforcement requirements and higher penalty requirements; the final regulations of HITECH's breach notification rule; and changes to HIPAA to incorporate the Genetic Information Nondiscrimination Act (GINA). OCR also will release guidance to help entities implement the changes, including an updated business associate agreement.

The review process can take three months.