The proposed rules for Stage 2 of the HITECH Act electronic health record incentive program "are going to bring a lot of new and challenging privacy and security issues to the forefront," says attorney Adam Greene.
A new committee will update and create policy measures designed to protect personal health information that's shared using a dozen health information exchanges in New York that are being linked in a statewide exchange.
As enterprises spend frugally on IT security, cybercriminals aren't, and that presents big problems for organizations working feverishly to secure their digital assets, says Steve Durbin, global vice president of the Information Security Forum.
The FTC proposes that privacy protections be built at every stage in developing online products and consumers be given the option to decide what information is shared about them and with whom through a do-not-track system.
Although the Obama administration's recently announced Consumer Privacy Bill of Rights shouldn't be seen as the "be-all, end-all," says privacy and data security lawyer Lisa Sotto, they are an important step forward in getting industries and leaders to start thinking about privacy more seriously.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
Federal officials have released a final rule setting guidelines, including privacy and security provisions, for state insurance exchanges, called for under healthcare reform, which must begin operating by 2014.