Health Breach Notification Rule

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf gptkb:United_States_federal_law
gptkbp:appliesTo PHR related entities
entities not covered by HIPAA
third-party service providers
vendors of personal health records
gptkbp:codifiedIn gptkb:16_CFR_Part_318
gptkbp:definitionOfBreach unauthorized acquisition of unsecured PHR information
gptkbp:enforcedBy gptkb:Federal_Trade_Commission
https://www.w3.org/2000/01/rdf-schema#label Health Breach Notification Rule
gptkbp:legalBasis gptkb:American_Recovery_and_Reinvestment_Act_of_2009
gptkbp:notificationDeadline without unreasonable delay and no later than 60 calendar days after discovery
gptkbp:penalty civil penalties
gptkbp:publishedIn gptkb:Federal_Register
gptkbp:purpose protect consumers' health information privacy
gptkbp:relatedTo gptkb:HIPAA_Breach_Notification_Rule
gptkbp:requires notification of breaches of unsecured health information
gptkbp:requiresNotificationTo gptkb:Federal_Trade_Commission
affected individuals
media (in certain cases)
gptkbp:scope electronic personal health records
gptkbp:startDate September 24, 2009
gptkbp:bfsParent gptkb:Federal_Trade_Commission
gptkbp:bfsLayer 4