HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

New Massachusetts identity theft regs overlap with HIPAA, FTC Red Flag rule

November 3, 2008

Massachusetts identity theft regs take effect January 1, 2009.  Any business that does no more than keep a copy of a personal check from a client or customer on file is subject to these new rules, which require implementation of a security program covering any "personal information" maintained in a business' files.  "Personal information" means any non-public linking of a person's name and Social Security Number, driver's license number, or financial account number (debit, credit or bank account number).  The enabling statue does not apply to state government agencies, but Gov. Patrick brought them into the big tent by executive order.

Internal and external security audits and employee training will be required.  

For those lucky enough (!) to be subject to HIPAA already, these requirements will not be that difficult to accommodate, as the new rules cover familiar territory.  However, HIPAA pre-emption analyses and compliance programs will need to be reviewed, to be sure that Massachusetts health care providers, payors and clearinghouses maintain full compliance with both federal and state rules in this area.

Both healthcare and non-healthcare-sector businesses may have to consider doing a further pre-emption analysis, looking at the recently-delayed FTC Red Flag rule.  

If HIPAA regulation and compliance efforts are an indicator, one of the thornier issues to deal with in coming into compliance with these rules will be establishing parameters for remote access of personal information.  Also, as under HIPAA, it will be interesting to see whether private enforcement efforts will be permitted under the new law. 

TOH: Colin Coleman, John Koenig.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting


Filed Under: Health care policy, Health Law, HIPAA, HIT, Hospitals, Massachusetts, Physicians, Privacy

you might also like:

  1. Red Flags Rule: The FTC piles on, because HIPAA, ARRA and overlapping state laws just weren't enough

  2. HIPAA Omnibus Final Rule – What’s in it for Patients?

  3. HIPAA faces the music: New OCR Guidance on the HIPAA Privacy Rule and the Electronic Exchange of Health Information

« Don Berwick, CEO of the Institute for Healthcare Improvement, speaks with David Harlow about the 5 Million Lives Campaign and more
Early returns point to Nurse Ratched's Place . . . »

Follow me on Twitter

David Harlow πŸ’‰πŸ˜· Follow 43,482 17,473

Mastodon @healthblawg@c.im #HealthCare #MedDevice #Compliance #Privacy @MyOmnipod #HIPAA #digitalhealth #HarlowOnHC #pinksocks Tweets are tweets No more no less

healthblawg
healthblawg avatar; David Harlow πŸ’‰πŸ˜· @healthblawg ·
12h 1662576979248402432

ICYMI> QHINs, SDOH, PGHD and more with Steven Lane, CMO at Health Gorilla β€” Harlow on Healthcare https://healthblawg.com/2023/03/steven-lane-health-gorilla.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  QHINs, SDOH, PGHD Twitter feed image.
Reply on Twitter 1662576979248402432 Retweet on Twitter 1662576979248402432 0 Like on Twitter 1662576979248402432 1 Twitter 1662576979248402432
healthblawg avatar; David Harlow πŸ’‰πŸ˜· @healthblawg ·
19h 1662471271165181955

ICYMI> David Sand, CMO of ZeOmega, an #AI-infused engine for β€œpayviders” β€” Harlow on Healthcare https://healthblawg.com/2022/10/david-sand-zeomega.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  David Sand, CMO Twitter feed image.
Reply on Twitter 1662471271165181955 Retweet on Twitter 1662471271165181955 0 Like on Twitter 1662471271165181955 1 Twitter 1662471271165181955
healthblawg avatar; David Harlow πŸ’‰πŸ˜· @healthblawg ·
27 May 1662365845291429890

ICYMI> David Lareau, CEO of Medicomp Systems on TEFCA and More β€” Harlow on Healthcare https://healthblawg.com/2022/02/david-lareau-medicomp-systems.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  David Lareau, CEO Twitter feed image.
Reply on Twitter 1662365845291429890 Retweet on Twitter 1662365845291429890 0 Like on Twitter 1662365845291429890 0 Twitter 1662365845291429890
Load More
Follow me on Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2023
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]