New federal privacy and security mandates for handling of medical records, including mandatory notification of individuals whose personal health data is breached, were included in the Health Information Technology for Economic and Clinical Health Act (HITECH) (American Recovery and Reinvestment Act of 2009), signed into law by President Obama February 17, 2009. The core change to the Health Insurance Portability and Accountability Act (HIPAA) is that the legislation will generally require covered entities and business associates to disclose to their patients any security breach that exposes the patients' information to unauthorized persons outside the covered entity.
Read the article
Stay Ahead with Kroll
Cyber and Data Resilience
Kroll merges elite security and data risk expertise with frontline intelligence from thousands of incident response, regulatory compliance, financial crime and due diligence engagements to make our clients more cyber resilient.