Information Security in Virtual Space? You've got to be joking. Use the pigeon. It's safer.
That tale is a tacit admission that information security guarantees are an impossible dream.
New data breach rules for US healthcare providers have come under criticism from a security firm that specialises in encryption. As part of the Health Information Technology for Economic and Clinical Health (HITECH) Act, which comes into effect from 23 September, health organisations in the US that use encryption will no …
I don't know which is scarier; that health organisations in the US that use encryption will no longer be obliged to notify clients of breaches, or that they named an act the "Health Information Technology for Economic and Clinical Health" Act, including a redundancy, just so its initials spelled "HITECH".
Who comes up with ideas? It's obviously time to take all personal data out of the digital age as governments and corps can simply not be trusted with it.
Yes, I know it's a little late for that but we need to limit the damage somehow. The jackasses in charge obviously don't get it.
PS Alacrity Fitzhugh nice encryption method.
Encryption is not the only problem - the states that do have risk as a criteria for notification (as opposed to a strict requirement on breach) usually frame it as a risk of the malicious use of data.
Risk of significant harm is a totally different level - especially as all the class action lawsuits keep getting thrown out as the courts say that no-one can show any harm - even when the data is stolen by criminals who intend to use it to steal money!
This article is misleading. Prior to the President signing the American Recovery and Reinvestment Act (including the HITECH Act) there was no notification requirement at all for a breach of health information, unless that breach fell within the scope of existing state breach notification laws. To say providers "...will no longer be obliged to notify clients..." makes it sound like they're taking a step backwards when in fact they're taking a big step forward. The Department of Health and Human Services is one of the few federal agencies that actually seems to get it when it comes to security and privacy. I'm not sure why anyone would slam their efforts. If anything, you should be encouraging other federal agencies to follow their lead.
I hope that the quote by Mark Bower was taken out of context because it barely makes sense. Anybody that doesn't appreciate the challenges that the Department of Health and Human Services faces clearly hasn't attempted to do this type of work themselves.
Biting the hand that feeds IT © 1998–2021