“The Florida Information Protection Act of 2014 (FIPA), which became effective July 1, 2014, expanded the requirements on covered entities that acquire, maintain, store or use personal information of Floridians. As part of a growing trend in state legislatures, Florida’s new data breach and security law expands notification requirements on covered entities that experience a breach of security. These new requirements should be reviewed by any entity with a presence in Florida.”
Guess what…. That applies to treatment providers as well. This simply adds an additional, if not concurrent, layer of regulation above HIPAA (“The Health Insurance Portability and Accountability Act of 1996”) at the state level and gives local authorities the ability to enforce privacy protections for PHI.
Then again, if DOH/ACHA/DCF had more money from the Florida Legislature to enforce these laws…….
Read about it here.