Personal health records rule cracks down on vendors

Vendors must notify consumers of breaches

The Federal Trade Commission has released a final rule that requires vendors that provide personal health records (PHRs) online to alert consumers if the security if their information has been breached.

Congress directed the FTC to establish the rule in the economic stimulus law and it became final Aug. 17.

The rule applies to vendors of PHRs, which are online systems that allow consumers to collect and store their medical records in a single location. Microsoft HealthVault and Google Health both offer such services.

The rule also applies to vendors of online applications that interact with the PHRs. Many of the PHRs are not covered by the privacy and security stipulations of the Health Insurance Portability and Accountability Act.

The FTC rule is intended to fill a temporary gap. Under the stimulus law, the Health and Human Services Department, in consultation with the FTC, will need to prepare a report to Congress recommending broader privacy, security and breach notification measures by February 2010. Until Congress acts on those measures, the FTC rule is supposed to close a gap.

The economic stimulus law gave HHS $45 billion to distribute to doctors and hospitals to promote adoption of electronic health records, which are clinical patient records originated by a doctor or hospital. However, HHS also is giving some attention to PHRs. In May, the department began testing a standardized online template for PHRs to give consumers a way to compare one record system with another.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.