Healthcare Providers Receive FTC Red Flags Exemption from Congress

HIPAA.com has covered the provisions of the Federal Trade Commission (FTC) Red Flags Rule in earlier postings. Congressional action now exempts healthcare providers from compliance with the provisions of the Red Flags Rule. On Tuesday, December 7, the House by voice vote joined the Senate in passing S.3987, the Red Flag Program Clarification Act of 2010. On November 30, 2010, the Senate passed this legislation by unanimous consent. The bill has been cleared to the White House for signature. The following information from the Library of Congress summarizes S.3987 (see http://thomas.loc.gov): “Amends the Fair Credit Reporting Act, with respect to federal agency (red flag) guidelines regarding identity theft…


200 Breaches Impacting Almost 5.9 Million Individuals, with Theft and Loss of Laptops and PEDs Major Cause

December 2, 2010. Under the Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted as part of the American Recovery and Reinvestment Act of 2009, covered entities are required to report to the Secretary of the Department of Health and Human Services (HHS) any breach affecting 500 or more individuals within 60 days of discovery of the breach by the covered entity or its business associate. The HHS Office for Civil Rights (OCR), which is responsible for HIPAA privacy and security enforcement, is required to post these HIPAA privacy or security breaches on its Web site (please note that this URL is a change from the initial…
