On April 17, 2009, the Federal Trade Commission issued a notice of proposed rulemaking that requires vendors of personal health records and related entities such as non-profit organizations that offer PHRs, to notify individuals when the security of their individually identifiable health information is breached. The NPRM seeks to conform with rules from HHS that safeguard protected health information, but the FTC proposed rule applies to non HIPAA-covered entities that are not subject to HIPAA privacy and security requirements. Of the many comments the FTC seeks is to identify entities that would fall under this ruling. We believe this rule will strengthen the trust consumers/patients have in sharing information in their…
Tag: Personal Health Records
Personal Health Records (PHRs) and the HIPAA Privacy Rule
U.S. Department of Health and Human Services, Office for Civil Rights Download (Requires Acrobat Reader)