Florida Information Protection Act (FIPA) Has More Stringent Notice Requirements than Federal Law

Thursday, July 2, 2015
By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law


In 2014, the Florida Legislature passed, SB 1524, which was signed into law on June 20, 2014. It became effective on July 1, 2014. This law, codified as Section 501.171, Florida Statues (2014), contains broader provisions than federal law for providing notice when there is a breach of or accidental release of personal individuals' information. It applies to much more than medical information; it applies to various types of information that could be used for identity theft or to compromise consumer security.

The Health Insurance Portability and Accountability Act (HIPAA), the Federal Trade Commission (FTC) Act, and their implementing Federal Regulations, have provisions that require notice under certain circumstances when there is a data breach. These federal authorities apply in every state and can be reviewed elsewhere. The newly enacted FIPA applies in Florida and has different, more stringent notice provisions from the federal authorities.

FIPA requires:
 
Notification to the individual within 30 days after the determination of the breach.    

If determination is not to report, then a written report with this determination must be made to the Department within 30 days.

There are many other provisions in the FIPA. Attorneys, health professionals, data management personnel and others practicing in this area should become familiar with it.
 
Comments?

What are your thoughts on the Florida Information Protection Act (FIPA)? Do you think it will be difficult for health professionals to comply? Please leave any thoughtful comments below.


Contact an Experienced Health Care Attorney.


The attorneys of The Health Law Firm represent physicians, medical groups, nursing homes, home health agencies, pharmacies, hospitals, and other health care providers and institutions in investigations and defending alleged HIPAA and FIPA complaints and violations and in advising on data breaches.

To contact the Health Law Firm, please call (407) 331-6620 or (850) 439-1001 and visit our website at www.TheHealthLawFirm.com


 
 
 About the Author: George F. Indest III, J.D., M.P.A., LL.M., is Board Certified by The Florida Bar in Health Law. He is the President and Managing Partner of The Health Law Firm, which has a national practice. Its main office is in the Orlando, Florida area. www.TheHealthLawFirm.com The Health Law Firm, 1101 Douglas Ave., Altamonte Springs, FL 32714, Phone: (407) 331-6620.
 
 
KeyWords: Health Insurance Portability and Accountability Act (HIPAA), Florida Information Protection Act (FIPA), privacy regulation, Federal Trade Commission (FTC), HIPAA compliance, data breach, FIPA compliance, privacy, privacy breach, defense attorney, defense lawyer, HIPAA attorney, FIPA attorney, HIPAA lawyer, FIPA lawyer, The Health Law Firm reviews


 
"The Health Law Firm" is a registered fictitious business name of George F. Indest III, P.A. - The Health Law Firm, a Florida professional service corporation, since 1999.
Copyright © 1996-2015 The Health Law firm. All rights reserved.
7/2/2015

Like this blog? Add your public comments:

Items in bold indicate required information.