Network World reports:
The House Committee on Energy and Commerce is voicing concern over a controversial provision in a recently passed health care breach notification bill that gives health care companies considerable discretion on whether to disclose a data breach.
The so-called "harm threshold" provision was included in an interim final rule published late last month by the U.S. Department of Health and Human Services (HHS) in a bill requiring breach notification for unsecured health information. Under the provision, health-care entities would have to publicly disclose data compromises only if they think the breach will cause financial harm to those whose data was compromised or hurt their reputation.
Read the full article here.
Comments