As the Sony and Epsilon breaches show, privacy is now in the news media every day. And organizations need to be prepared to address the issue, says Trevor Hughes, executive director of the International Association of Privacy Professionals.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
"Overall, this draft is not balanced," Rep. Henry Waxman, D-Calif., said at a hearing on the measure "It gives businesses too many protections and consumers not enough. It preempts strong state laws and replaces them with a weak federal one."
Danish pharmaceutical company Novo Nordisk Inc. has agreed to a $1.725 million civil settlement agreement to resolve allegations that the company accessed and misused private patient information and filed false or fraudulent Medicaid claims.
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
After hearing objections from hospitals and physicians about a proposed "opt-in" approach to obtaining patient consent for health information exchange, the Maine legislature has passed a rewritten measure that spells out rules for an "opt-out" approach.
The executive director of a Southern California health information exchange describes a pilot project that's testing whether patient identifiers make it easier to match patients to their records from multiple organizations.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
A personalized medicine project leveraging genetic information holds great promise for improving patient treatment but raises certain privacy issues, says Scott Megill, CIO at the Coriell Institute for Medical Research.
The legislation sponsored by Senate Judiciary Chairman Patrick Leahy would nationalize data breach notification and stiffen penalties for those who fail to notify law enforcement and individuals of a data breach.