FTC: Health App and Device Makers Should Comply With Health Breach Notification Rule

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

 

The Federal Trade Commission on 15th September authorized a policy statement reminding makers of health applications and linked devices that gather health-related data to follow a ten-year-old data breach notification rule. The regulation is part of the agency’s push toward more robust technology enforcement under Chair Lina Khan, who hinted that more scrutiny of data-based ecosystems related to such apps and devices could be on the way. 
In written remarks, Chair Lina Khan stated, “The Commission will enforce this Rule with vigour.” According to the FTC, the law applies to a range of vendors, as well as their third-party service providers, who are not covered by the HIPAA breach notification rule but are held liable when clients’ sensitive health data is breached. 
After being charged with studying and establishing strategies to protect health information as part of the American Recovery and Reinvestment Act in 2009, the FTC created the Health Breach Notification Rule. 
The rule requires suppliers of personal health records and PHR-related companies to notify U.S. consumers and the FTC when unsecured identifiable health information is breached, or risk civil penalties, according to the FTC. “In practical terms, this means that entities covered by the Rule who have experienced breaches cannot conceal this fact from those who have entrusted them with sensitive health information,” the FTC says. 
Since the rule’s inception, there has been a proliferation of apps for tracking anything from fertility and menstruation to mental health, as well as linked

[…]