FTC proposes changes to breach notification requirements for entities not covered by HIPAA
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect health information but are not covered by HIPAA’s privacy and security requirements. The changes address advances in public health record-related technologies since the 2009 American Recovery and Reinvestment Act established breach notification requirements for these entities. Watch for an AHA update soon on the possible implications of the proposed changes.
Related News Articles
Headline
Microsoft issues security update addressing critical vulnerability impacting Windows server services
Microsoft has released a security update to address a critical remote code execution vulnerability impacting multiple versions of Windows Server Update…
Headline
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…
AHA Cyber Intel
In part one of this blog, we reviewed the number of cyberattacks the health care field endured this year compared to last; provided an overview of the lessons…
Headline
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…
Headline
In part one of a new blog, John Riggi, AHA national advisor for cybersecurity and risk, and Scott Gee, AHA deputy national advisor for cybersecurity and risk,…
Perspective
This week, the FBI issued an urgent warning to all users — including hospitals — of a critical security soft spot within Oracle’s E-Business Suite, stating “…