HITECH Act: What You Need to Know About New Data-Breach Guidelines
THU, OCTOBER 29, 2009 — Network World — Healthcare providers and others handling sensitive patient data are now finding the stakes raised if they suffer a data breach because of a new law known as the "Health Information Technology for Economic and Clinical Health Act," or HITECH Act.Enterprise Data Security: Definition and Solutions Slideshow: When Rogue IT Staffers Attack: 8 Organizations That Got Burned Passed by Congress in February, the HITECH Act is now coming into enforcement by the U.S. Department of Health and Human Services (HHS) and the Federal Trade Commission (FTC), which each have been given a role to play under the law, potentially levying punishments and fines on organizations that stumble in protecting personal health information.
Depending on whether a data breach arises from a simple mistake to willful theft, fines will range in tiers from as low as $100 per violation for a slip-up regarding unencrypted data to $1.5 million or more for knowingly and willfully violating the data-breach rules, say those familiar with the HITECH Act.
"Under the HHS rule, you have to figure out if you had a data breach," says Rebecca Fayed, attorney-at-law firm Sonnenschein, Nath & Rosenthal's healthcare group division in Washington, D.C.. But the new rules, which cover both electronic and paper formats, are far from simple. More...
10-29-2009 10:36
Current Focus
Latest News
- Snapshot of global internet speeds revealed
- China renews Google license, ending standoff
- U.S. aims to detect cyber infrastructure attacks: report
- Hackers target Microsoft Windows XP support system
- FCC to toughen internet rules
- Supreme Court rules on employer monitoring of cellphone, computer conversations
- Computer Experts Face Backlash
- Apple patent bid combines solar with touch screen
- Adobe reports critical flaw in Flash, Acrobat
- Google phases out Microsoft Windows use: report