FTC proposes changes to breach notification requirements for entities not covered by HIPAA
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect health information but are not covered by HIPAA’s privacy and security requirements. The changes address advances in public health record-related technologies since the 2009 American Recovery and Reinvestment Act established breach notification requirements for these entities. Watch for an AHA update soon on the possible implications of the proposed changes.
Related News Articles
Headline
The Cybersecurity and Infrastructure Security Agency and FBI Aug. 8 released guidance on secure by design software products which includes resources to assess…
Perspective
It seems like barely a week goes by without a new cyberattack that affects health care providers. Often, it’s a ransomware attack conducted by foreign criminal…
Headline
The Cybersecurity and Infrastructure Security Agency and FBI today issued an updated advisory on the BlackSuit ransomware group, providing information on…
Headline
Cybercriminals are ramping up attacks on health care systems throughout the United States, with a majority of these crimes originating from international,…
AHA Cyber Intel
We all know by now that cyber risk is not just an "IT issue," but rather it is an enterprise risk issue. Cyberattacks represent a potential risk to every…
Headline
OneBlood, a nonprofit organization that provides blood and blood products to health care providers in Florida, Georgia, Alabama, North Carolina and South…