AUG 26, 2009 4:38am ET

Related Links

Beyond Big Data: Consider the Impact of Emerging Technologies on Data Management
September 19, 2014
Customer Experience Increasingly the Focus of Big Data Projects
September 19, 2014
New and Updated Product News from IBM, Qlik, Embarcadero, Others
September 19, 2014

Web Seminars

Essential Guide to Using Data Virtualization for Big Data Analytics
September 24, 2014
Integrating Relational Database Data with NoSQL Database Data
October 23, 2014

FTC Breach Rule Now Official


The Federal Trade Commission on Aug. 25 published in the Federal Register its final rule governing the reporting of data breaches by vendors of personal health records and online applications that interact with PHRs.

The rule has been available for more than a week but publication starts the clock on compliance (see The rule is effective Sept. 24, 2009, with full compliance required by Feb. 22, 2010. The rule explains the selected dates as follows:

"Two commenters expressed concern that the effective compliance date of 30 calendar days from the date of publication of this final rule would not allow covered entities sufficient time to come into compliance. In response, the Commission notes that the effective compliance date is mandated by the Recovery Act. Moreover, as discussed above, the Commission believes that in many instances the rule will apply to entities that already have obligations to provide notification of data breaches under certain state laws covering medical breaches. As a result, these entities can build upon their existing programs in order to come into compliance with this final rule. Nevertheless, the Commission has determined that it will use its enforcement discretion to refrain from imposing sanctions for failure to provide the required notifications for breaches that are discovered before February 22, 2010."

The Department of Health and Human Services recently published a separate rule that governs notification of data breaches by HIPAA-covered entities (see

The official final FTC rule is available at

This article can also be found at

Get access to this article and thousands more...

All Information Management articles are archived after 7 days. REGISTER NOW for unlimited access to all recently archived articles, as well as thousands of searchable stories. Registered Members also gain access to:

  • Full access to including all searchable archived content
  • Exclusive E-Newsletters delivering the latest headlines to your inbox
  • Access to White Papers, Web Seminars, and Blog Discussions
  • Discounts to upcoming conferences & events
  • Uninterrupted access to all sponsored content, and MORE!

Already Registered?

Filed under:


Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
You must be registered to post a comment.
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Login  |  My Account  |  White Papers  |  Web Seminars  |  Events |  Newsletters |  eBooks
Please note you must now log in with your email address and password.