Healthcare Providers Receive FTC Red Flags Exemption from Congress

On Tuesday, December 7, the House by voice vote joined the Senate in passage of S.3987, the Red Flag Program Clarification Act of 2010. On November 30, 2010, the Senate passed this legislation by unanimous consent. The bill has been cleared to the White House for signature. Healthcare providers as Covered Entities under HIPAA Administrative Simplification, while exempt from FTC Red Flag identity theft detection and protection provisions under S.3987, are not exempt from HIPAA and HITECH Act privacy and security rule obligations to safeguard patient identity data elements that are protected health information (PHI) identifiers.

200 Breaches Impacting Almost 5.9 Million Individuals, with Theft and Loss of Laptops and PEDs Major Cause

December 2, 2010. As of today’s posting by the HHS Office for Civil Rights (OCR) on its Website, there were 200 privacy or security breaches of protected health information (PHI) involving 5,887,170 individuals that had been reported by covered entities. Under the Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted as part of the American Recovery and Reinvestment Act of 2009, covered entities are required to report to the Secretary of the Department of Health and Human Services (HHS) any breach affecting 500 or more individuals within 60 days of discovery of the breach by the covered entity or its business associate. OCR, which is responsible for HIPAA privacy and security enforcement, is required to post these HIPAA privacy or security breaches publicly.