Identity theft and information-based fraud is the fastest growing crime in the US
The Health Insurance Portability Act is a federal law to prevent abuses of personal health information, including unauthorized access. It is administered by the US Department of Health and Human Services and it is enforced by the US Office of Civil Rights.
HIPAA / HITECH
Modification to the HIPAA Privacy, Security and Enforcement Rules under the Health Information Technology for Economic and clinical Health Act (HITECH) to strengthen the privacy and security of health information, and to improve the workability and effectiveness of the HIPAA Rules.
- Health data breach notification
- Applicable regulatory compliance extended to Business Associates
- Updated Business Associate agreements required
- Fine and enforcement structure enhanced & made mandatory
- Formal Investigation required if "willful neglect" is suggested
- Fines REQUIRED at established amounts
- States Attorney General charged with enforcement
The Fair and Accurate Credit Transaction Act is a federal law designed to reduce the risk of consumer fraud and identity theft, created by improper disposal of information. The FACTA disposal rule is enforced by the FTC (Federal Trade Commission), and pretty much applies to every person and business in the United States.
THE GRAMM-LEACH-BLILEY ACT: THE SAFEGUARDS RULE
Enforced by the Federal Trade Commission, requires financial institutions to have a security plan to protect the confidentiality and integrity of personal consumer information.
TEXAS BUSINESS & COMMERCE CODE (CHAPTER 72)
When a business disposes of a business record that contains personal identifying information of a customer of the business, the business shall modify, by shredding, erasing, or other means, the personal identifying information to make it unreadable or undecipherable.
THE RED FLAGS RULE
Requires businesses and organizations to implement a Written Identity Theft Prevention Program designed to detect the warning signs ("Red Flags") of identity theft in their day-to-day operations.