[ Friday, September 10, 2010 ]
State Regulators in Action:
One of the biggest changes wrought by HITECH is adding states' Attorneys General to the short list of authorities who can prosecute HIPAA violations. However, there's never been anything stopping states from instituting their own privacy rules and enforceing them. Massachusetts recently implemented a data breach rule that basically requires encryption, and we may see some real enforcement there. But the clear leader is California, which regularly fines hospitals for mishandling patient data. The latest to be hit is the Packard Children's Hospital at Stanford University, for failing to report a data breach
when an employee stole a computer.
Jeff [11:11 AM]
Blogger: HIPAA Blog - Edit your Template