Will the Personal Data Notification and Protection Act impact current breach notification requirements?

President Obama is calling for a national standard for data breach notification. The proposed standard will require notification to customers within 30 days of discovering the breach.

According to Obama during a 15-minute speech he made at the Federal Trade Commission, "It's one of those new challenges in our modern society that crosses the old divides transcends politics, transcends ideology. Liberal, conservative, Democrat, Republican, everybody is online, and everybody understands the risks and vulnerabilities as well as opportunities that are presented by this new world."

Currently, following a breach of unsecured protected health information, covered entities must provide notification of the breach to affected individuals within 60 days.

Will Obama's request for notification to customers within 30 days of discovering the breach impact the current 60 day HHS requirement? It's possible.

We will be monitoring the Personal Data Notification and Protection Act and will watch for any recommendations to change the current 60 day HHS requirement.

If you have any questions about breach notification requirements or if you have any questions about HCP's Breach Determination and Breach Mitigation services, please feel free to comment below or send us an email [email protected] or reach us by phone 855-427-0427.