No major breaches affecting 500 or more individuals have been reported since the Federal Trade Commission's (FTC) breach notification rule for personal health records took effect, reports Gov Info Security. The rule, required under the HITECH Act, took effect last September. It requires that entities experiencing a personal health records breach notify the FTC within 10 business days and that smaller breaches are reported annually. The FTC has posted a list of smaller incidents to its Web site.
If you want to comment on this post, you need to login.