HIPAA Blog

[ Wednesday, May 18, 2005 ]

State-Law Duty to Report Unauthorized Access to Personal Information: Several states have now adopted laws that require certain businesses and other entities to notify people if the privacy of their personal information may have been breached in some way. This is not specific to healthcare, and is really generated by issues like the ChoicePoint hacking and other cases where individuals' social security numbers and similar information have been accessed, mainly to either facilitate identity theft or steal from bank accounts. Notifying the individual might not prevent identity theft from occurring, but might allow the victim to look for it and stop it sooner. For a list of states with laws in this area, click here.

Jeff [1:53 PM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template