[ Tuesday, March 29, 2011 ]


Slightly Off-Topic: HIPAA isn't the only privacy law that can result in fines if you violate it. Other businesses are required to protect credit card information (under the "PCI" or "payment card industry" rules). A group of restaurants in Massachusetts have agreed to pay a big fine to the Massachusetts AG (what is it about those New England AGs?) for failing to protect credit card information. Mass. has one of the most stringent data encryption and breach laws. More info here and here. And for other Mass. data security issues, here. Hat tip: John Kelley and Alan Goldberg.

Jeff [1:33 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template