FTC’s PHR Breach Rule = Confusion

The Federal Trade Commission has released a final rule requiring vendors of personal health records–and entities that offer third-party PHRs–to notify consumers when the security of their PHR data is breached. Despite efforts of the FTC and the Department of Health and Human Services to harmonize separate rules governing notification of breaches, the FTC rule takes confusion to a new level and will require considerable study.

via FTC’s PHR Breach Rule = Confusion.