FTC seeks public comment on electronic health record security rules
WASHINGTON The Federal Trade Commission has approved a Federal Register notice seeking public comment on a proposed rule that would require notification of patients when the security of their electronic health information is breached, the FTC announced Thursday.
The rule stems from provisions in The American Recovery and Reinvestment Act of 2009 that set aside funding for the adoption of electronic health records but also seek to address security concerns, particularly with regard to health information stored on such Web sites as Google Health, which allows users to store information ranging from prescription information to data collected by electronic devices.
“These innovations have the potential to provide numerous benefits for consumers, which can only be realized if they have confidence that the security and confidentiality of their health information will be maintained,” the FTC said in the statement.
Under the act, the Department of Health and Human Services has until February 2010 to complete a study and report on potential breach notification requirements.