Posted on February 6th, 2010 No comments
In mid-November the U.S. Senate Judiciary Committee approved both the Personal Data Privacy and Security Act and the Data Breach Notification Act, sending the clear message that comprehensive information protection legislation is back on the congressional agenda.
It may strike readers as odd to say “it’s back,” but consider that both the HITECH (Health Information Technology for Economic and Clinical Health Act) amendments to HIPAA (Health Insurance Portability and Accountability Act) and the Red Flag Rule were driven from outside Congress. (HITECH was actually born of the new administration’s stimulus package, and Red Flag is actually a regulatory rule change by the Federal Trade Commission.) The numerous proposed data protection bills of a few years back were killed by committee jurisdictional issues, an unsupportive administration and other priorities on the national agenda. Frustration over this situation took data protection out of serious congressional consideration for the last two or three years.
While no one can argue the national agenda has been cleared of other issues, many privacy watchers say they believe the time is ripe to move its promises of comprehensive data protection legislation forward.
In the meantime, NAID will do its best to keep members abreast of developments and exert its influence if and when the time is necessary.
By Bob Johnson – the executive director of the National Association for Information Destruction
[email protected]National Association for Information Destruction Bob Johnson, Data Breach Notification Act, HIPAA (Health Insurance Portability and Accountability Act), HITECH (Health Information Technology for Economic and Clinical Health Act), naid, National Association for Information Destruction, Personal Data Privacy and Security Act