“FTC”; Revised Health Breach Notification Rule resources spell out companies’ legal obligations

Federal Trade Commission: Protecting America's Consumers
https://www.ftc.gov/news-events/blogs/business-blog/2022/01/revised-health-breach-notification-rule-resources-spell-out?utm_source=govdelivery

Revised Health Breach Notification Rule resources spell out companies’ legal obligations

By: Lesley Fair | Jan 21, 2022 2:26PM

Share This Page

Tags:

Shoppers can find a plethora of apps, trackers, and sensors that hold or capture almost every conceivable form of personal health information. If your business or nonprofit offers products like that or provides certain services to entities that do – and you aren’t subject to HIPAA – you may be covered by the FTC’s Health Breach Notification Rule (HBNR). The FTC has two new publications to help determine if the Rule applies to you and the steps you must take if there’s a breach. The FTC also unveiled another new resource to help you meet your compliance obligations.

Entities covered by the Health Breach Notification Rule must notify their customers, the FTC, and, in some cases, the media if there’s a breach of unsecured, individually identifiable health information. In September 2021, the Commission issued a Policy Statement clarifying that the Rule applies to makers of health apps, connected devices, and similar products. A breach under the HBNR includes both cybersecurity intrusions and instances of unauthorized access – for example, when sensitive health information is disclosed without the user’s authorization.

Looking for a sticky note-sized recap of what the Rule requires? Health Breach Notification Rule: The Basics For Business offers a quick introduction. If you need more detailed guidance, Complying With the FTC’s Health Breach Notification Rule addresses who’s covered, what triggers notification, and what to do if a breach occurs, including the who, when, how, and what of notification. In addition, you’ll find FAQs with answers to questions HBNR-covered organizations are asking.

Even if a business isn’t covered by the Health Breach Notification Rule, the FTC has used Section 5’s prohibition on deceptive and unfair practices to challenge illegal conduct related to the use of consumers’ health information. Of course, prevention is the best medicine, so we’ve created a new Health Privacy page where you’ll find cases, blog posts, and other materials to help companies – especially small businesses – honor established legal standards. The page includes a can’t-miss-it link that entities covered by the Rule can use to report breaches of health information.

The Warrior

I am Honored to be Your Friend: we "HONOR" WOMEN & MOMS, and MILITARY Females with our NEW, EXCITING "G.i.J.i.M.O.M." Series: http://thesiborg.com/ http://familymediasite.com/ http://tdmcomics.com/

We are ®Reece ENTERPRISES/©REECENETRICS™/®FAMILY MEDIA COMPANY™/©TDM Comics International; a small but slowly/Strategically growing group of Companies, Creating Comics, and Entertainment Products & “Brands” geared Towards the World Wide Diverse People, of many Cultures and Nations to “spread the love of Positive Images for peoples of All Colors, World wide!”

Our Comics Books have Different Strategic Designs, as Our Own Special ways of Supporting Literacy, Reading, and The ARTS & Libraries of Education.

Terry Reece, aka “the Warrior” Super Hero
Founder/Chairman/CEO
Writer/Copywriter/Creator of The Closet Cove and the L.A.Z.E.R.U.S. project, and the "G.i.J.i.M.O.M." Series Brand
warrior_75210@yahoo.com