Lora Bentley, in her recent posting in the ITBusinessEdge blog, wants to remind us that the data breach notification rule promulgated by the U.S. Department of Health and Human Services (HHS) pursuant to the HITECH Act, even applies to individuals the covered entity knows to be deceased.

Given the fact that each state and territory law has its own position on this rule, and, in fact, where some do not have such a stipulation of notice regarding deceased persons, each organization must pay careful attention to protect themselves from potential privacy breach lawsuits stemming from the HHS rule. 

Click here to read this article and remember to follow the link within this article to the HHS rule as published in the Federal Register for public comment.

The Health Data Management publication group recently announced the final rule(s) governing the reporting of data breaches by vendors of personal health records (PHR’s) and online applications that interact with PHR’s.

Read this article for more information on this important privacy and information security topic.

In response to many email comments and recent client inquiries on the topic of having your organization join the virtual IT community, we suggest that you take the time to read a great article written by Christina Torode, Senior News Writer at SearchCIO.  While keeping compliant with the regulations regarding privacy and security concerns, not to mention the risk management strategies necessary in virtualization strategies, many IT officers often underestimate the need to understand the terms and conditions of required contracts and licenses before entering into negotiations on those contracts and licenses.

In this article, you will find helpful ways to negotiate software virutalization licenses …. giving you the key issues to watch for and suggested ways to position you negotiation strategies.

Click here to read this article.