Requirements / bdf03f837dae98e9

This is a normalized obligation summary extracted deterministically from regulatory text. The structured fields below are parsed from the source—not AI-generated summaries.

Mandatory FINAL

Obligation Structure

Actor: entity
Modality: Mandatory
Duty: records or PHR related entity that discovers a breach of breach of

Source Text

A vendor of personal health records or PHR related entity that discovers a breach of security shall provide notice of such breach to an individual promptly, as described in § 318.4 (regarding timeliness of notification), and in the following form:

Source Document: 2024-10855

Agency: Federal Trade Commission

CFR Parts: 16 CFR 318

Requirement Type: other

Lifecycle History

2/12/2026 ADDED — → FINAL 2024-10855

Subscribe to Updates

RSS Feed for this Obligation

Get notified when this obligation is modified in proposed, final, or codified rules.

Stable ID: bdf03f837dae98e9