Many states have adopted legislation to require consumer and law enforcement notification when a security breach occurs that compromises personal information. These regulations will apply to medical and health insurance information if that information has been breached and if it contains information that is typical of identity theft, such as social security numbers.
However, most of the core medical information or health insurance information maintained by health care providers, health insurers or their contractors will have data elements that are not considered in these existing regulations as personal information.
In response to this, California recently enacted an Assembly bill that expands the scope of existing confidentiality and privacy regulations and identity theft laws. A copy of that legislation is provided:
ab_1298_bill_20071014_chaptered.pdf
The key distinction is an expansion of the definition of personal information. Current regulations require notification upon any breach of unencrypted computerized personal information; the regulations define personal information to include the individual’s name or first initial and last name and data elements such as financial data, social security numbers, credit card information and so forth.
The new California legislation expands the definition by applying its principles to medical information. This is clearly in recognition of the potential for harm from medical identity theft as well as damage from unauthorized access to computerized medical information. The proliferation of health information technology, specifically electronic medical records, personal health records and related systems, and the increased access created by remote devices, the Internet, etc., have all contributed to the need to expand current law.
Thus this regulation adds medical information or health insurance information to the data elements that, when combined with the individual’s name or first initial and last name, constitute personal data (which is subject to the provisions of the new regulation).
Submitted By: David Ginsberg - PrivaPlan Associates, Inc.