|
|
|
|
 |
 |
||
 |
     |
||
 | |||
     |
|||
NAID SUBMITS COMMENT ON FTC HEALTH DATA BREACH
On June 1st, NAID submitted its Official Comments to the Federal Trade Commission (FTC) regarding its proposed Health Data Breach Notification Rule. When final, the new regulatory provision will dictate how and when “PHR-related entities” and “third party processors” will have to provide notification to authorities, the media, and affected individuals in the event of a data breach. Both of these new regulated categories were created under the changes to HIPAA in the ARRA/HITECH legislation signed into law on February 17th and fall under FTC jurisdiction. Health Data Breach Notification will also be required for traditional Covered Entities and Business Associates, but that proposed rule has yet to be published by Health and Human Services (HHS).
Last month, NAID published a white paper titled Changes to HIPAA and their Impact on the Information Destruction Industry which will also appear in the June 2009 edition of NAIDnews, along with two companion pieces regarding the significance of breach notification laws and how changes to HIPAA will influence the competitive arena.
Details on the release of the new HIPAA/HITECH Business Associate Contract, being finalized by NAID and one of the leading privacy attorneys in the country, will be announced soon. The new contract language is required by the revised regulation.
NAID 1951 W. Camelback Rd Ste 350, Phoenix, AZ 85015 USA
Phone: (+1)602.788.6243 Fax: (+1)602.788.4144 Email:info@naidonline.org
Copyright © 2002-2010 National Association for Information Destruction, Inc. All rights reserved.