FTC proposes changes to breach notification requirements for entities not covered by HIPAA
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect health information but are not covered by HIPAA’s privacy and security requirements. The changes address advances in public health record-related technologies since the 2009 American Recovery and Reinvestment Act established breach notification requirements for these entities. Watch for an AHA update soon on the possible implications of the proposed changes.
Related News Articles
Headline
The National Institute of Standards and Technology Feb. 2 published details on a critical vulnerability that impacted Notepad++, a free, open-source text and…
Headline
The FBI has launched a two-month campaign, Operation Winter SHIELD (Securing Homeland Infrastructure by Enhancing Layered Defense), highlighting 10 actions…
Headline
Two AHA guides offer strategies for hospitals and health systems in preparing for public health emergencies and disasters and managing cybersecurity incidents…
Headline
Larry Pierce, director of cybersecurity and information security officer for Atlantic Health, unpacks how the growth of artificial intelligence is reshaping…
Headline
U.S. and international agencies Jan. 14 released guidance on secure connectivity for operational technology environments. Examples of OT environments in health…
Headline
The AHA Jan. 14 expressed support for the Rural Hospital Cybersecurity Enhancement Act (S. 2169), legislation that would direct the Department of Health and…