What is your e-mail address?
My e-mail address is:

Do you have a password?
Forgot your password? Click here
close

Close

Personal health records rule cracks down on vendors

Vendors must notify consumers of breaches

The Federal Trade Commission has released a final rule that requires vendors that provide personal health records (PHRs) online to alert consumers if the security if their information has been breached.

Congress directed the FTC to establish the rule in the economic stimulus law and it became final Aug. 17.

The rule applies to vendors of PHRs, which are online systems that allow consumers to collect and store their medical records in a single location. Microsoft HealthVault and Google Health both offer such services.

The rule also applies to vendors of online applications that interact with the PHRs. Many of the PHRs are not covered by the privacy and security stipulations of the Health Insurance Portability and Accountability Act.

The FTC rule is intended to fill a temporary gap. Under the stimulus law, the Health and Human Services Department, in consultation with the FTC, will need to prepare a report to Congress recommending broader privacy, security and breach notification measures by February 2010. Until Congress acts on those measures, the FTC rule is supposed to close a gap.

The economic stimulus law gave HHS $45 billion to distribute to doctors and hospitals to promote adoption of electronic health records, which are clinical patient records originated by a doctor or hospital. However, HHS also is giving some attention to PHRs. In May, the department began testing a standardized online template for PHRs to give consumers a way to compare one record system with another.

About the Author

Alice Lipowicz is a staff writer for Federal Computer Week.

Reader comments

Thu, Aug 20, 2009 Sean

PHR is the way to go. People need to be responsible of their health. Ever since I became a member of PHRservice.com, I have been making conscientious decisions about my health.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

eSeminar

  • Where Cyberwarfare and Cybersecurity Meet

    We invite you to attend the third event in this three-part series on Cybersecurity. 1105 Government Information Group will present a panel of government and cybersecurity experts including Gregory T. Garcia, the nation's first presidentially-appointed Assistant Secretary for CyberSecurity and Communications with the U.S. Department of Homeland Security, 2006-2008; and Jeffrey Carr, cyber strategies consultant and author of Inside Cyber Warfare, in this editorial webcast on Tuesday, April 13 at 11 a.m., where they will discuss the cyberwarfare threat to both industry and government, as well as strategies to consolidate the wider cybersecurity mission. Read more

Federal Computer Week eNewsletters

  • Subscribe to Newsletters Subscribe

    Federal Computer Week's eNewsletters deliver the latest policy and management news to your inbox.

Highlights from the current issue