|
This GIS is being issued to correct errors in GIS 06MA/002 issued on 01/06/06. Chapter 442 of the Laws of 2005, enacted on August 9, 2005, with an effective date of December 7, 2005, entitled the "Information Security Breach and Notification Act," amends the State Technology Law Section 208. These provisions require all Local Department of Social Services offices to notify Medicaid enrollees, applicants and respective governmental offices (i.e., Attorney General, Consumer Protection Board and the Office of Cyber Security & Critical Infrastructure Coordination) of the unauthorized acquisition of private information which resulted from a breach of information security. Local departments of social services (LDSS) must enact policies to perform required action described below. Penalties are established by the Federal Office of Civil Rights for failure to notify Medicaid enrollees and applicants and respective government offices of the unauthorized acquisition of private information due to a breach of information security.
|
