The Credit Union National Association reports: H.R. 2221, the Data Accountability and Trust Act, passed the House subcommittee on commerce, trade, and consumer protection by a voice vote during a Wednesday markup session. The bill, which was introduced by House Subcommittee Chair Rep. Bobby Rush (D-Ill.), would require businesses to notify affected customers when outside…
Category: Legislation
OIS Commentary: And some walls will come tumbling down
One of yesterday’s posts on PHIprivacy.net reports a data breach involving Kelsey-Seybold Clinic that has not been reported in the mainstream media. I contacted Kelsey-Seybold after a site visitor alerted me to the breach. The report is frustratingly short on details, though, because Kelsey-Seybold could — and did — simply ignore questions it did not…
Maine Requires Breach Notice within Seven Days of Go-Ahead from Law Enforcement
From the Privacy & Information Security Law Blog: On May 19, Maine Governor John Baldacci signed legislation limiting the time that breach notification may be delayed following a determination by law enforcement that providing notice will not compromise a criminal investigation. The provision, which will take effect 90 days after the close of the Legislature’s…
Prospects Gloomy for Texas Data Security Bill
Jim Rubenstein of Credit Union Times reports that it’s unlikely that the Texas legislature will pass an ambitious data security bill before the current legislative session ends on June 1. H.B. 345 and the companion S.B. 327 have support from the financial sector and the state’s Attorney General, but have been strongly opposed by retailers…
Security groups cautious about data security and file sharing bills
Gautham Nagesh of Nextgov reports on testimony to Congress concerning two bills in the current session: H.R.2221 (Data Accountability and Trust Act) and H.R. 1319 (Informed P2P User Act). Some of the concerns raised about H.R. 2221: According to David Sohn, senior policy counsel for the Center for Democracy and Technology, most states have already…
HHS offers health IT privacy guidelines
Brian Robinson reports in Government Health IT: The Health and Human Services Department has begun overhauling the privacy and security rules that govern personal health information, which is considered vital to attempts by Congress and the Obama administration to broaden the adoption of electronic health records. HHS published guidance on April 17 that outlines the…