Status of identity and privacy related AZ Legislative bills April 20, 2006 Mike Keeling ATIC, Chair.

Slides:

Advertisements

Similar presentations

HOW TO RESPOND TO A DATA BREACH: ITS NOT JUST ABOUT HIPAA ANYMORE The Fourteenth National HIPAA Summit March 29, 2007 Renee H. Martin, JD, RN, MSN Tsoules,

Advertisements

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Fair Credit Reporting Act You must be told if information in your file has been used against you You can find out what is in your file You can dispute.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.

Overview of the Privacy Act

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.

1 Navigating the Privacy and Security Issues: HITECH Overview Rebecca L. Williams, RN, JD Partner Co-chair of HIT/HIPAA Practice Davis Wright Tremaine.

1 Evolution and Refinement: Recent Texas Legislative Efforts on Medical Records, Corporate Practice, and Other Issues Brandy Schnautz Mann Jackson Walker.

Key Changes to HIPAA from the Stimulus Bill (ARRA) Children’s Health System Department Leadership Meeting October 28, 2009 Kathleen Street Privacy Officer/Risk.

W W W. L E C L A I R R Y A N. C O M Revisiting the PHI Breach Under HIPAA and HITECH and Considerations for Ophthalmologists Neil H. Ekblom, Esq. 885 Third.

HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-

I.D. Theft Alaska’s New Protection of Personal Information Act Ed Sniffen Senior Assistant Attorney General Alaska Department of Law.

Helping you protect your customers against fraud Division of Finance and Corporate Securities.

A Summary of CS for House Bill 65 (Jud) – A Presentation to the HCCA Alaska Local Annual Conference Joan Wilson Asst Attorney General State of Alaska

© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.

PRIVACY BREACHES A “breach of the security of the system”: –Is the “unauthorized acquisition of computerized data that compromises the security, confidentiality,

Computers, Freedom and Privacy April 23, 2004 Identity Theft: Addressing the Problem in California Joanne McNabb, Chief CA Office of Privacy Protection.

Consumer Privacy & Protection Joanna Acocella May 22, 2007.

SC Identity Theft Act and Red Flag Rules Stephanie O’Cain, CPA Municipal Association of SC October 6, 2009.

Identity Theft & Data Security Concerns Are You Meeting Your Obligations to Protect Customer Information? Finance & Administration Roundtable February.

Red Flags Rule & Municipal Utilities

Data Privacy and Security: Overview and Update Beth Cate Associate University Counsel.

Responding to a Data Security Breach

March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.

Security Breach Notification © 2009 Fox Rothschild A Webinar for the Medical Society of New Jersey October 28, 2009 Presented by Helen Oscislawski, Esq.

Steven D. Grimberg United States Attorney’s Office Northern District of Georgia DATA SECURITY BREACHES.

An Act Relative to Security Freezes and Notification of Data Breaches Chapter 82 of the Acts of 2007 Massachusetts Digital Government Summit Securing Private.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

1 Information and Systems Security/Compliance Security Day The Information and Systems Security/Compliance Program Dave Kovarik.

© 2003, EDUCAUSE Information Privacy: Public Policy and Institutional Policies Rodney J. Petersen Policy Analyst, EDUCAUSE EDUCAUSE/Internet2 Security.

Employee Law Module What you need to do to protect credit history and the documents that you will need for employment. The information in this module comes.

- What it means to Conservation Districts - Training Module 6.

1Copyright Jordan Lawrence. All rights reserved. Annual In-House Symposium Practical Steps to Minimize Privacy Risks: Understanding The Intersection.

Milada R. Goturi Tonya M. Oliver Thompson Coburn LLP 1.

Sharing Low-Income Customer Information Water & Energy Utilities LIOB Meeting - January 2009 Seaneen M Wilson Division of Water & Audits.

Federal And State Consumer Enforcement Actions. New Federal and State Authority The Bureau of Consumer Financial Protection State Attorneys General.

Enterprise data (decentralized control, data security and privacy) Incident Response: State and Federal Law Rodney Petersen Security Task Force Coordinator.

FTC RED FLAG RULE As many as nine million Americans have their identities stolen each year. Identity thieves may drain their accounts, damage their credit,

Dealing with Business Associates Business Associates Business Associates are persons or organizations that on behalf of a covered entity: –Perform any.

LAW SEMINARS INTERNATIONAL CLOUD COMPUTING: LAW, RISKS AND OPPORTUNITIES Developing Effective Strategies for Compliance With the HITECH Act and HIPAA’s.

Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP

Florida Information Protection Act of 2014 (FIPA).

Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.

The Government Collection Triangle NC Debt Setoff Garnishments Collection Agency Summer 2008 Angela E. Munsie Forsyth County EMS.

Breach vs. Security Incident A security incident is an actual or suspected occurrence of: Damage, destruction, unauthorized access or disclosure of.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

Available from BankersOnline.com/tools 1 FACT ACT RED FLAG GUIDELINES.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.

The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.

CAHF 2010 HIPAA II and HITECH “Your Plan” Rhonda Anderson, RHIA, President Lizeth Flores, RHIT, Consultant Anderson Health Information Systems, Inc. 940.

HealthBridge is one of the nation’s largest and most successful health information exchange organizations. Tri-State REC: Privacy and Security Issues for.

Davis Wright Tremaine LLP Responding to Your Worst Security Breach Nightmare: When Patient Information Is Stolen Rebecca L. Williams, R.N., J.D. Partner.

HITECH and HIPAA Presented by Rhonda Anderson, RHIA Anderson Health Information Systems, Inc

HOW TO RESPOND TO A DATA BREACH: IT’S NOT JUST ABOUT HIPAA ANYMORE The Thirteenth National HIPAA Summit  September 26, 2006 Renee H. Martin, JD, RN, MSN.

Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.

1 Identity Theft Prevention and the Red Flag Rules.

PHI Breach PHI Breach Dealing Breach With HIPAA Guidelines Guidelines.

DOL Employee Benefit Plan Audits & How to Prepare

HIPAA THE PRIVACY RULE Reviewed December 2012.

Protection of CONSUMER information

Florida Information Protection Act of 2014 (FIPA)

Florida Information Protection Act of 2014 (FIPA)

Chapter 3: IRS and FTC Data Security Rules

Alabama Data Breach Notification Act: What 911 Districts Need to Know

Mandatory Breach Reporting (isn’t *that* bad)

National HIPAA Audioconferences

Getting the Green Light on the Red Flags Rule

Presentation transcript:

Status of identity and privacy related AZ Legislative bills April 20, 2006 Mike Keeling ATIC, Chair

Three Bills of Interest SB 1338 Personal information, security breach, notification SB 1347 Freezing consumer reports; identify theft HB 2351 Identity theft omnibus HB2024 Government anti-identification theft assessment

SB1338; Personal information, Security breach, Notification Business Owners/operators Unencrypted computerized data w/ personal information Notification in most expedient manner Nature and scope of breach Written, electronic, phone call May be delayed by law enforcement Exempts HIPAA and Gramm-Leach-Bliley Only enforced by AZ Attorney General Actual damages + civil penalty <$10,000 Preempts similar city and county rules

SB1347; Freezing consumer reports; Identify theft Consumer may place freeze on personal ‘consumer report’ as issued by consumer reporting agency (CRA) CRA prohibited from releasing info Effective within 10 days of notice Must be lifted within 3 days of notice 3 rd parties may treat application for credit during ‘freeze period’ as ‘incomplete’ $15 fee to freeze/un-freeze, CPI adjusted

HB2351; Identify theft omnibus Min. jail penalties for identify theft Take identify = 60 days Aggravated identity theft = 270 days Trafficking in identity of others = 1 yr Extraterritorial search warrants Execute search warrant outside of AZ Service by electronic means Limited to electronic/paper records

HB2351; Identify theft omnibus – Con’t Disclosure Any breach, following discovery of breach Every resident affected must be notified Notify law enforcement & CRA < 48 hrs Defines disclosure (see SB 1338) NO waiver allowed (Contractually) County Attorney or AZ AG can enforce $500 Civil penalty/individual NOT notified If NOT notified, Reimburse - actual costs Exception if data encrypted/good faith Exception for Fed Law compliance

HB2351; Identify theft omnibus – Con’t Record disposal (Businesses) Prohibits discarding PI records not Shredded Erased Modified to make unreadable Violation - reimburse each customer Actual and secondary costs Civil penalty, greater of $10,000 or actual loss Costs of County Attorney or AZ AG Affirmative defenses Compliance with federal law Use due diligence

HB2024; Gov’t Anti-identification and theft assessment Government establish procedures Ensure collected info cannot be accessed by unauthorized persons Entity identifying information Personal identifying information Excepts public records Defines Identifying information, Personal identifying information Governmental agency (State and Local)

Identity Theft Resource Center Federal Trade Commission idtheft ( )

ID Theft ID Theft: When Bad Things Happen To Your Good Name [TEXT] [PDF] idtheft ( )

Privacy Rights Clearinghouse (619)