Sometimes breaches result in legislation. That appears to be the case in Utah, where the Associated Press reports that the state senate passed a bill in response to two breaches the state experienced:
Utah lawmakers want to alert participants in the state Medicaid program or Children’s Health Insurance Program that their personal information will be stored in state databases.
Sen. Stuart Reid, R-Ogden sponsored the legislation, which requires health care providers to make the disclosure when issuing a notice of their privacy practice.
The bill also requires the state to consult data security experts and incorporate the best security standards.
Read more on The Republic.
Does the state also require physicians or prescribers to notify patients that their personal information and prescription information will be stored in a state database if a Schedule II-V medication is prescribed? Anyone know?