N.J. considers mandating encryption to protect health information

As data breaches at retailers become more common, New Jersey lawmakers are considering legislation that would help protect personal health information.

A bill proposed by Assemblyman Joe Lagana would require insurance carriers to encrypt computerized health records transmitted across public networks to make them illegible to hackers.

That would prevent identity theft and keep personal information private, said Lagana, D-Bergen.

“Someone who is going through any type of ailment, they don’t want it splashed everywhere,” he said Thursday during a hearing on the measure. “It could be embarrassing for some people. Sometimes people don’t want their co-workers to know about something … sometimes people even hide things from their own family members. So it could be very devastating to some people.”

The recent data breaches at several retailers show why the measure is needed, said Assemblyman Carmelo Garcia, another primary sponsor of the bill.

“Identify theft is becoming more proliferated as a crime and it strikes the heart of every person’s humanity,” said Garcia, D-Hudson. “So this is very critical to ensuring that our consumers are protected by the carriers.”

If the bill becomes law, failure to encrypt the data could be punishable by fines of as much as $20,000.