Wednesday, February 5, 2014

FTC Breach Ruling Leads to Lab Closure

The lab that the Federal Trade Commission ruled failed to protect data on 9,000 patients has announced it will close saying the FTC investigation was an "abuse of power." More information about the case is outlined in two previous blogs, one last week, and one in September 2013.

The lab accused the FTC of overstepping its authority and said the agency did not have the Congressional authority to regulate data security practices. The FTC ruled that it has authority over HIPAA-covered entities and that "Congress has never enacted any legislation that, expressely or by implication, forecloses the Commission fro challenging data security measures that it has reason to believe are "unfair...acts or practices."

"The FTC has spent untold taxpayer dollars...usurping power over patient information from the U.S. Department of Health and Human Services." - CEO, LabMD
Many believed health data security was regulated only by HIPAA under the Health and Human Services Office of Civil Rights but now have to consider the FTC can take action as well. The FTC claims the lab "Did not use readily available measures to prevent and detect unauthorized access to personal information." One readily available method to detect unauthorized access, even by authorized users, is low-cost on-demand SaaS analytics services.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Medical lab says FTC breach probe forced it to close - www.ComputerWorld.com, 01/31/2014

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.