(1) A covered entity under the federal health insurance portability and accountability act of 1996, 42 U.S.C. § 1320d et seq., is deemed to have complied with the requirements of this chapter with respect to protected health information if it has complied with section 13402 of the federal health information technology for economic and clinical health act, P.L. 111-5 as it existed on July 24, 2015. Covered entities shall notify the attorney general pursuant to RCW 19.255.010(7) in compliance with the timeliness of notification requirements of section 13402 of the federal health information technology for economic and clinical health act, P.L. 111-5 as it existed on July 24, 2015, notwithstanding the timeline in RCW 19.255.010(7).

Ask a business law question, get an answer ASAP!
Thousands of highly rated, verified business lawyers.
Click here to chat with a lawyer about your rights.

Terms Used In Washington Code 19.255.030

  • Corporation: A legal entity owned by the holders of shares of stock that have been issued, and that can own, receive, and transfer property, and carry on business in its own name.
  • Federal Reserve System: The central bank of the United States. The Fed, as it is commonly called, regulates the U.S. monetary and financial system. The Federal Reserve System is composed of a central governmental agency in Washington, D.C. (the Board of Governors) and twelve regional Federal Reserve Banks in major cities throughout the United States. Source: OCC
  • National Credit Union Administration: The federal regulatory agency that charters and supervises federal credit unions. (NCUA also administers the National Credit Union Share Insurance Fund, which insures the deposits of federal credit unions.) Source: OCC
(2) A financial institution under the authority of the office of the comptroller of the currency, the federal deposit insurance corporation, the national credit union administration, or the federal reserve system is deemed to have complied with the requirements of this chapter with respect to “sensitive customer information” as defined in the interagency guidelines establishing information security standards, 12 C.F.R. part 30, Appendix B, 12 C.F.R. part 208, Appendix D-2, 12 C.F.R. part 225, Appendix F, and 12 C.F.R. part 364, Appendix B, and 12 C.F.R. part 748, Appendices A and B, as they existed on July 24, 2015, if the financial institution provides notice to affected consumers pursuant to the interagency guidelines and the notice complies with the customer notice provisions of the interagency guidelines establishing information security standards and the interagency guidance on response programs for unauthorized access to customer information and customer notice under 12 C.F.R. part 364 as it existed on July 24, 2015. The entity shall notify the attorney general pursuant to RCW 19.255.010 in addition to providing notice to its primary federal regulator.

NOTES:

Effective date2019 c 241: See note following RCW 19.255.010.