FTC Supports Breach Notification Bill

Dom Nicastro, for HealthLeaders Media , September 24, 2010

The FTC's testimony this week called for additions to the bill:

  • The provision that requires that companies notify consumers in the event of an information security breach should not be limited to entities that possess data in electronic form
  • The proposed requirements should be extended so that they apply to telephone companies
  • The bill should grant the agency rulemaking authority to determine circumstances under which providing free credit reports or credit monitoring may not be warranted

The bill extends civil action power to state attorneys general, much like HITECH does. It includes a maximum of $11,000 per day for each day an entity is found not to be in compliance and caps a single violation at:

  • $5 million for each violation of the security and compliance requirements
  • $5 million for all violations of the breach notification requirements

Read more about the bill's security and compliance requirements.

Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.

Comments are moderated. Please be patient.




FREE e-Newsletters Join the Council Subscribe to HL magazine


100 Winners Circle Suite 300
Brentwood, TN 37027


About | Advertise | Terms of Use | Privacy Policy | Reprints/Permissions | Contact
© HealthLeaders Media 2016 a division of BLR All rights reserved.