FTC makes changes to healthcare breach reporting
FTC makes changes to healthcare breach reporting
Becker's Health IT; by Naomi Diza; 4/26/24
... The changes clarify the rule's scope regarding health apps and similar technologies while expanding the information covered entities must provide to consumers in the event of a breach of their health data, according to an April 26 FTC news release. Under the new rule, vendors of personal health records and related entities not governed by HIPAA are mandated to notify individuals, the FTC and, when applicable, the media, in case of a breach of unsecured personally identifiable health data. Additionally, third-party service providers to vendors of protected health records must inform such vendors and entities upon the discovery of a breach. [Read for more revisions to the rule.]