Personal health records rule cracks down on vendors

Vendors must notify consumers of breaches

The Federal Trade Commission has released a final rule that requires vendors that provide personal health records (PHRs) online to alert consumers if the security if their information has been breached.

Congress directed the FTC to establish the rule in the economic stimulus law and it became final Aug. 17.

The rule applies to vendors of PHRs, which are online systems that allow consumers to collect and store their medical records in a single location. Microsoft HealthVault and Google Health both offer such services.

The rule also applies to vendors of online applications that interact with the PHRs. Many of the PHRs are not covered by the privacy and security stipulations of the Health Insurance Portability and Accountability Act.

The FTC rule is intended to fill a temporary gap. Under the stimulus law, the Health and Human Services Department, in consultation with the FTC, will need to prepare a report to Congress recommending broader privacy, security and breach notification measures by February 2010. Until Congress acts on those measures, the FTC rule is supposed to close a gap.

The economic stimulus law gave HHS $45 billion to distribute to doctors and hospitals to promote adoption of electronic health records, which are clinical patient records originated by a doctor or hospital. However, HHS also is giving some attention to PHRs. In May, the department began testing a standardized online template for PHRs to give consumers a way to compare one record system with another.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.