![]() ![]() It also created an exemption for companies that encrypt their data.Įncryption has been seen as a controversial issue in the industry, particularly with data that's only being stored and not transmitted. Known as the HITECH Act, it required public disclosure of any health data breach affecting 500 or more people. "The personally identifiable information health plans maintain on enrollees and members - including names and Social Security numbers - is protected under HIPAA, even if no specific diagnostic or treatment information is disclosed," the statement said.Ī 2009 federal law promoting computerized medical records sought to nudge the health care industry toward encryption. The statement from the privacy office said the kind of personal data stolen by the Anthem hackers is covered by HIPAA, even if it does not include medical information. Although Anthem alerted mainline law enforcement agencies, the law allows 60 days for notifying HHS. The office said in a statement Friday that it has yet to receive formal notification of the hack from Anthem, but nonetheless is treating the case as a privacy law matter. ![]() The agency charged with enforcing the privacy rules is a small unit of the federal Health and Human Services Department, called the Office for Civil Rights. "We will consider whether there are ways to strengthen current protections," said Jim Jeffries, spokesman for chairman Lamar Alexander, R-Tenn. Late Friday, the Senate Health, Education, Labor and Pensions committee said it's planning to examine encryption requirements as part of a bipartisan review of health information security.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |