Training Proposed After TRICARE Breach

Howard Anderson writes:

The Department of Defense and two other government agencies have issued a proposed rule designed to help ensure that government contractors provide adequate privacy training to their staff members. The proposal comes in the wake of a recent healthcare information breach incident involving a contractor to TRICARE, the military health program.

Read more on GovInfoSecurity.

As an aside, SAIC reportedly did not seem to think they were obligated to provide individual notification under HIPAA/HITECH, saying, instead, that they were complying with Department of Defense guidelines.   So the DOD gives individuals more protection and notification rights than HIPAA/HITECH?  Interesting.  This is where some uniformity would help.

Thanks to PRC_Amber for the link.

About the author: Dissent

Comments are closed.