Medical data breaches: notification delayed is notification denied

Patrick Kierkegaard

doi:10.1016/j.clsr.2012.01.003

Medical data breaches: notification delayed is notification denied

Patrick Kierkegaard

Department of Computer Science

18 Citations (Scopus)

Abstract

The EU and the United States have implemented data breach notification rules that cover the health sectors. Nevertheless, data breach incidents involving medical data continue to rise, especially in the US and the UK. The HITECH Act, Pub. L. 111-5 Title XIII is the first federal health breach notification law in the US to be characterized by less government intrusions, while the revised EU Privacy Directive, 2009/136/EC calls for tougher privacy protection for data held by electronic communication providers. While the EU law sets a global de facto standard, the law remains toothless without strong enforcement mechanisms.

Original language	English
Journal	Computer Law & Security Review
Volume	28
Issue number	2
Pages (from-to)	163-183
Number of pages	21
ISSN	0267-3649
DOIs	https://doi.org/10.1016/j.clsr.2012.01.003
Publication status	Published - Apr 2012

Keywords

Faculty of Science
Data breach
Electronic Medical record
HITECH Act, Pub. L. 111-5 Title XII
HIPA Act Pub. L. 104-19
Directive 2009/136/E
Personal Health Record
Electronic Health Record
Faculty of Health and Medical Sciences
Data breach
Electronic Medical record
HITECH Act, Pub. L. 111-5 Title XII
HIPA Act Pub. L. 104-19
Directive 2009/136/E
Personal Health Record
Electronic Health Record
Faculty of Law
Data breach
Electronic Medical record
HITECH Act, Pub. L. 111-5 Title XII
HIPA Act Pub. L. 104-19
Directive 2009/136/E
Personal Health Record
Electronic Health Record

Access to Document

10.1016/j.clsr.2012.01.003

Medical data breaches: Notification delayed is notification deniedFinal published version, 343 KB

Cite this

@article{a3b52e41bf0c4b88a52c3185f276a8ea,

title = "Medical data breaches: notification delayed is notification denied",

abstract = "The EU and the United States have implemented data breach notification rules that cover the health sectors. Nevertheless, data breach incidents involving medical data continue to rise, especially in the US and the UK. The HITECH Act, Pub. L. 111-5 Title XIII is the first federal health breach notification law in the US to be characterized by less government intrusions, while the revised EU Privacy Directive, 2009/136/EC calls for tougher privacy protection for data held by electronic communication providers. While the EU law sets a global de facto standard, the law remains toothless without strong enforcement mechanisms.",

keywords = "Faculty of Science, Data breach , Electronic Medical record, HITECH Act, Pub. L. 111-5 Title XII, HIPA Act Pub. L. 104-19, Directive 2009/136/E, Personal Health Record, Electronic Health Record, Faculty of Health and Medical Sciences, Data breach, Electronic Medical record, HITECH Act, Pub. L. 111-5 Title XII, HIPA Act Pub. L. 104-19, Directive 2009/136/E, Personal Health Record, Electronic Health Record, Faculty of Law, Data breach , Electronic Medical record, HITECH Act, Pub. L. 111-5 Title XII, HIPA Act Pub. L. 104-19, Directive 2009/136/E, Personal Health Record, Electronic Health Record",

author = "Patrick Kierkegaard",

year = "2012",

month = apr,

doi = "10.1016/j.clsr.2012.01.003",

language = "English",

volume = "28",

pages = "163--183",

journal = "Computer Law and Security Review",

issn = "0267-3649",

publisher = "Elsevier Advanced Technology",

number = "2",

}

TY - JOUR

T1 - Medical data breaches

T2 - notification delayed is notification denied

AU - Kierkegaard, Patrick

PY - 2012/4

Y1 - 2012/4

N2 - The EU and the United States have implemented data breach notification rules that cover the health sectors. Nevertheless, data breach incidents involving medical data continue to rise, especially in the US and the UK. The HITECH Act, Pub. L. 111-5 Title XIII is the first federal health breach notification law in the US to be characterized by less government intrusions, while the revised EU Privacy Directive, 2009/136/EC calls for tougher privacy protection for data held by electronic communication providers. While the EU law sets a global de facto standard, the law remains toothless without strong enforcement mechanisms.

AB - The EU and the United States have implemented data breach notification rules that cover the health sectors. Nevertheless, data breach incidents involving medical data continue to rise, especially in the US and the UK. The HITECH Act, Pub. L. 111-5 Title XIII is the first federal health breach notification law in the US to be characterized by less government intrusions, while the revised EU Privacy Directive, 2009/136/EC calls for tougher privacy protection for data held by electronic communication providers. While the EU law sets a global de facto standard, the law remains toothless without strong enforcement mechanisms.

KW - Faculty of Science

KW - Data breach

KW - Electronic Medical record

KW - HITECH Act, Pub. L. 111-5 Title XII

KW - HIPA Act Pub. L. 104-19

KW - Directive 2009/136/E

KW - Personal Health Record

KW - Electronic Health Record

KW - Faculty of Health and Medical Sciences

KW - Data breach

KW - Electronic Medical record

KW - HITECH Act, Pub. L. 111-5 Title XII

KW - HIPA Act Pub. L. 104-19

KW - Directive 2009/136/E

KW - Personal Health Record

KW - Electronic Health Record

KW - Faculty of Law

KW - Data breach

KW - Electronic Medical record

KW - HITECH Act, Pub. L. 111-5 Title XII

KW - HIPA Act Pub. L. 104-19

KW - Directive 2009/136/E

KW - Personal Health Record

KW - Electronic Health Record

U2 - 10.1016/j.clsr.2012.01.003

DO - 10.1016/j.clsr.2012.01.003

M3 - Journal article

SN - 0267-3649

VL - 28

SP - 163

EP - 183

JO - Computer Law and Security Review

JF - Computer Law and Security Review

IS - 2

ER -

Medical data breaches: notification delayed is notification denied

Abstract

Keywords

Access to Document

Fingerprint

Cite this