Iowa is the latest state to introduce legislation aimed at tightening up state breach notification laws, Healthcare IT News reports. House Study Bill 526 would require organizations to report a breach within 45 days, add new categories to reporting requirements, and expand the definition of what is considered personal information. The bill would apply to personal data in any form and also cover medical records, effectively shortening HIPAA breach reporting requirements by 15 days. If organizations implement increased encryption methods, they can be exempt from the proposed state reporting requirements.
If you want to comment on this post, you need to login.