Medical data breaches: notification delayed is notification denied

Research output: Contribution to journalJournal articleResearchpeer-review

Patrick Kierkegaard

The EU and the United States have implemented data breach notification rules that cover the health sectors. Nevertheless, data breach incidents involving medical data continue to rise, especially in the US and the UK. The HITECH Act, Pub. L. 111-5 Title XIII is the first federal health breach notification law in the US to be characterized by less government intrusions, while the revised EU Privacy Directive, 2009/136/EC calls for tougher privacy protection for data held by electronic communication providers. While the EU law sets a global de facto standard, the law remains toothless without strong enforcement mechanisms.
Original languageEnglish
JournalComputer Law & Security Review
Volume28
Issue number2
Pages (from-to)163-183
Number of pages21
ISSN0267-3649
DOIs
Publication statusPublished - 2012

    Research areas

  • The Faculty of Science - Data breach , Electronic Medical record, HITECH Act, Pub. L. 111-5 Title XII, HIPA Act Pub. L. 104-19, Directive 2009/136/E, Personal Health Record, Electronic Health Record
  • The Faculty of Health and Medical Sciences - Data breach, Electronic Medical record, HITECH Act, Pub. L. 111-5 Title XII, HIPA Act Pub. L. 104-19, Directive 2009/136/E, Personal Health Record, Electronic Health Record
  • The Faculty of Law - Data breach , Electronic Medical record, HITECH Act, Pub. L. 111-5 Title XII, HIPA Act Pub. L. 104-19, Directive 2009/136/E, Personal Health Record, Electronic Health Record

ID: 37373946