Lora Bentley, in her recent posting in the ITBusinessEdge blog, wants to remind us that the data breach notification rule promulgated by the U.S. Department of Health and Human Services (HHS) pursuant to the HITECH Act, even applies to individuals the covered entity knows to be deceased.

Given the fact that each state and territory law has its own position on this rule, and, in fact, where some do not have such a stipulation of notice regarding deceased persons, each organization must pay careful attention to protect themselves from potential privacy breach lawsuits stemming from the HHS rule. 

Click here to read this article and remember to follow the link within this article to the HHS rule as published in the Federal Register for public comment.

The Health Data Management publication group recently announced the final rule(s) governing the reporting of data breaches by vendors of personal health records (PHR’s) and online applications that interact with PHR’s.

Read this article for more information on this important privacy and information security topic.

In an earlier post this afternoon our blog addresed the continually growing numbers of companies reporting data breaches.  In another posting on the same subject, which was posted in paymentnews, which is produced by and is a service mark of Glenbrook Partners, LLC, we see yet another announcement to the public identifying a potential data breach of thier client’s personal data.

We cannot stress enough to encourage all companies to continue diligently preparing themselves for a potential data breach of their private data …. as these reports of data breach continue to escalate, no longer is this threat just a point of discussion.  Continued action, adaptation and more action is required if a company is to have even a fair chance of overcoming this threat to their organization’s brand and continued customer loyalty.

Click here to read more …..