New ID theft rules may not pertain to small businesses – SC Magazine US

The rules, developed in accordance with the Fair and Accurate Credit Transactions Act of 2003 (FACTA), require financial institutions and other organizations classified as “creditors” to develop programs to identify, detect and respond to indications of identity theft. A bill passed this week would amend FACTA and exclude health care, accounting and legal practices with [...]

Feds’ Security Spending On a Roll: Over 8 Percent Growth Over Next Five Years – DarkReading

The U.S. federal government’s IT security spending will jump from $7.9 billion to $11.7 billion by 2014, driven by tightening federal security regulations, a 300 percent jump in attacks on federal networks and systems during the past five years, and the Obama administration’s emphasis on security, according to new data from research firm Input.
via Feds’ [...]

AHIMA floats privacy ‘bill of rights’ for entities outside HIPAA

The American Health Information Management Association (AHIMA) is looking to bridge what it sees as a yawning gap in health privacy protections with a seven-point bill of rights it hopes will push the healthcare industry to a “major paradigm shift” in patient privacy practices.
There are many entities that operate outside of the Health Insurance Portability [...]

HHS Office Will Be Funded Partly By The HIPAA Fines It Levies | BNET Health Care Blog | BNET

Have you ever heard of a federal agency in charge of enforcing a set of regulations that is partly funded by the penalties it imposes on violators?
via HHS Office Will Be Funded Partly By The HIPAA Fines It Levies | BNET Health Care Blog | BNET.

HHS Issues Rule Requiring Individuals Be Notified of Breaches of Their Health Information

The regulations, developed by the HHS Office for Civil Rights (OCR), require health care providers and other HIPAA covered entities to promptly notify affected individuals of a breach, as well as the HHS Secretary and the media in cases where a breach affects more than 500 individuals. Breaches affecting fewer than 500 individuals will be [...]

Mass. Makes Changes to ID Theft Regulations – Network World

State regulators in Massachusetts have made changes to a set of identity theft regulations.
The changes, according to a release from the state’s Office of Consumer Affairs and Business Regulation, maintain protections while reinforcing flexibility in compliance for small businesses, and were made in response to concerns among small businesses that the proposed [...]

FISMA Reform: Making Room for Innovation

Just days before perpetrators executed one of the broadest denial-of-service attacks against federal-interest IT systems, the Government Accountability Office was on the Hill presenting its recommendations for reforming FISMA, including plans to enhance and improve testing, policy, communications, reporting and auditing.

With IT security resources so heavily invested in policy, audits and compliance reporting, [...]

New proposed regulations in the US #Compliance #GRC

New legislation continues to pass at a fast clip in the US under the new administration. Some of the most revealing actions taken so far include:

May 20, 2009 – President Obama signed the Fraud Enforcement and Recovery Act of 2009.
June 12, 2009 – United States Congressman Gary Peters introduced his Shareholder Empowerment Act to the [...]

HIPAA.com :: New Single Source Location for HIPAA & HIT Information

Several nationally recognized healthcare experts have joined forces to create HIPAA.com, a single-source resource site where visitors will find access to HIPAA regulations, American Recovery and Reinvestment Act (ARRA) updates, and practical guidance on what to do to meet new regulations.
via HIPAA.com :: New Single Source Location for HIPAA & HIT Information.

HHS offers guidance on protecting health information – Modern Healthcare

HHS issued guidance on protecting personally identifiable healthcare information by encrypting or destroying it so that it is rendered “unusable, unreadable or indecipherable to unauthorized individuals.” The 20-page document was a joint effort of HHS, its Office of the National Coordinator for Health Information Technology and Office for Civil Rights, and the [...]