FTC Rule Expands Health Data Breach Notification Responsibility to Web-Based Entities
SANS NewsBites Vol. 11 Num. 66 (August 18, 2009)
The US Federal Trade Commission has issued a final rule on health care breach notification. The rule will require web-based businesses that store or manage health care information to notify customers in the event of a data security breach. Such entities are often not bound by the requirements of the Health Insurance Portability and Accountability Act (HIPAA); this rule addresses that discrepancy.
http://www.darkreading.com/security/government/showArticle.jhtml?articleID=219400484
[Editor's Note (Pescatore): If my kids grow up to be government agencies, I hope they turn out to be the FTC. Any government agency is my kind of government agency when they issues press releases with headlines like "FTC Says Mortgage Broker Broke Data Security Laws: Dumpster Wrong Place for Consumers' Personal Information."]
No comments:
Post a Comment