On August 25, 2009 the Federal Trade Commission (FTC) published its final rule relating to notification of individuals when their health information is breached. The FTC’s rule, the Health Breach Notification Rule, was enacted pursuant to requirements under the American Recovery and Reinvestment Act of 2009 (ARRA). The Rule applies to both vendors of personal health records (PHR) and entities that offer third-party applications for personal health records. The Rule will apply to breaches of security covered by the Rule that are discovered on or after September 24, 2009.
Click on the link below to download the Client Alert that covers the rule.