Wyoming Hospital Records Act of 1991 May be Repealed

HIPAA Compliance Certification

Wyoming is contemplating repealing the Hospital Records Act of 1991. The act was created to make sure hospitals took steps to ensure the privacy of patient data. The legislation came five years before the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and required hospitals to implement privacy and security safeguards similar to those that were later introduced by HIPAA.

The Hospital Records Act covered the following areas:

  • Obtaining patient authorizations before sharing patient data
  • Limiting disclosures of patient data by hospitals
  • Publishing of notices of privacy practices
  • Defining individuals authorized to act on behalf of patients
  • Implementation of security safeguards
  • Stipulating retention periods for health records

The Hospital Records Act was very effective; however, after the enactment of HIPAA and its Privacy and Security Rules, the protections became largely redundant, as all hospitals were required to comply with HIPAA Rules covering similar areas. HIPAA also required further protections for data and gave patients even more rights.

Although both HIPAA and the state regulations have similar aims, there are a number of differences between the two regulations and that is causing some issues for hospitals and for law enforcement. Not only does having the two sets of laws mean that the regulatory burden on hospitals is higher, complying with the state law could put hospitals at risk of penalties for non-compliance with HIPAA.

Hospitals must comply with both laws, while doctor’s offices only need to comply with the HIPAA. Repealing the state legislation will standardize compliance for all healthcare providers.

Sen. Dave Kinskey (R-Sheridan); Rep. Cyrus Western (R-Big Horn) and Rep. Mark Kinner (R-Sheridan) sponsored the bill (Senate File 96 SF0096). If passed, Wyoming’s Hospital Records Act will be repealed. The state would then just depend on the protections provided by complying with HIPAA. That would make compliance for hospitals more straightforward and would provide greater clarity on regulatory requirements.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

The bill was introduced in the House on January 29, 2019.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/