Personal health records rule cracks down on vendors

Vendors must notify consumers of breaches

The Federal Trade Commission has released a final rule that requires vendors that provide personal health records (PHRs) online to alert consumers if the security if their information has been breached.

Congress directed the FTC to establish the rule in the economic stimulus law and it became final Aug. 17.

The rule applies to vendors of PHRs, which are online systems that allow consumers to collect and store their medical records in a single location. Microsoft HealthVault and Google Health both offer such services.

The rule also applies to vendors of online applications that interact with the PHRs. Many of the PHRs are not covered by the privacy and security stipulations of the Health Insurance Portability and Accountability Act.

The FTC rule is intended to fill a temporary gap. Under the stimulus law, the Health and Human Services Department, in consultation with the FTC, will need to prepare a report to Congress recommending broader privacy, security and breach notification measures by February 2010. Until Congress acts on those measures, the FTC rule is supposed to close a gap.

The economic stimulus law gave HHS $45 billion to distribute to doctors and hospitals to promote adoption of electronic health records, which are clinical patient records originated by a doctor or hospital. However, HHS also is giving some attention to PHRs. In May, the department began testing a standardized online template for PHRs to give consumers a way to compare one record system with another.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.