Earlier today the Federal Trade Commission issued its long-awaited final report "Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers" focusing on three primary principles: 1) Privacy by Design; 2) Simplified Choice for Businesses and Consumers; and 3) Greater Transparency. The vote approving the report was 3-1. Commissioner J. Thomas Rosch dissented from the issuance of the Final Privacy Report.
Many of you probably read earlier this month that California's Office of Administrative Law approved the California Department of Insurance's proposal to repeal certain privacy regulations. The California changes actually have greater significance than may be apparent on a quick glance. Although rarely noted in the media coverage, State insurance privacy regulations across the country (not just in California) find their roots in the federal Gramm Leach Bliley Act, so California's decision to make such changes provides a helpful illustration of the extraordinarily complex and confusing web of privacy regulation that governs even small organizations in this country. Also, California's move with respect to these changes contravenes the conventional wisdom that California is a renegade pro-consumer state when it comes to privacy regulation. Many of our followers have asked me to break down this newest California development, so here goes.
This post is Part Two of my FAQ on the proposed modifications to the HIPAA Rules issued by HHS last week. Part Two focuses on the proposed modifications to the Privacy Rule.