FTC proposes changes to breach notification requirements for entities not covered by HIPAA
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect health information but are not covered by HIPAA’s privacy and security requirements. The changes address advances in public health record-related technologies since the 2009 American Recovery and Reinvestment Act established breach notification requirements for these entities. Watch for an AHA update soon on the possible implications of the proposed changes.
Related News Articles
Headline
An AHA Cyber & Risk Intel blog by John Riggi, AHA national advisor for cybersecurity and risk, explores what health care leaders need to consider to reduce…
AHA Cyber Intel
Cyberattacks against hospitals, health systems and mission-critical health care third-party providers have surged in recent years. While these attacks often…
Headline
Microsoft Threat Intelligence is warning of a large scale, multistage phishing campaign that disproportionately targeted the health care sector, sending “code…
Headline
The Cybersecurity and Infrastructure Security Agency has launched a new initiative for critical infrastructure to defend against cyberattacks through proactive…
Headline
John Riggi, AHA national advisor for cybersecurity and risk, will moderate a webinar May 5 at 1 p.m. ET that will explore how bad actors are leveraging…
Headline
The AHA and Joint Commission May 4 announced the launch of the Cyber Resilience Readiness program, an initiative to help hospitals and health systems assess…