Link: FTC issues final rules on breach notices for electronic health information
According to an article today in Healthcare IT News, the Federal Trade Commission issued a final rule regarding notification of customers when security of electronic health information is breached.
HIPAA Privacy & Security applies not only to EHRs and the personal/protected health information (PHI) they contain, but now these regulations also include PHRs and applications that interact with a PHR. This includes applications that collect PHI (such as a pedometer), which is subsequently entered/uploaded into a PHR.
These types of entities (devices and PHRs) were not directly subject to the HITECH / HIPAA laws, however, the landscape has now changed. This is a big step for privacy and security of Personal Health Records and health related devices. It also addresses some of the concerns expressed by the public regarding the privacy of personal health information.
Additional Resources:
The recently enacted HITECH Act totally transforms the HIPAA regulatory landscape with respect to privacy and security, changing it from a paper tiger into an electronic beast. In order to effectively cope with this beast, better tools need to be made available.
Looking for a best of breed HIPAA Compliance Tracking System?
To stay current on the HITECH Act and its quickly changing regulatory scheme visit the HITECH Survival Guide website and/or sign up for our free monthly compliance newsletter. Also, check out our FREE EHR Checklist.
If you need tools that will help with your compliance initiatives then check out the HSG Store.
Comments