December 2008
Taking License | by Kraig Bohot
You’ve probably seen the worrisome headlines: major corporations losing the confidential and personal information of thousands, even millions, of customers.
Perhaps you’ve been unfortunate enough to be the victim of identity theft yourself.
As information becomes more important in all aspects of life, keeping it protected is becoming more important, too.
At the Oregon Health Licensing Agency (OHLA), we are taking steps to protect information that could cause harm to our licensees or the agency if it fell into the wrong hands.
At the same time, we are continuing to be as transparent as possible in how we do business as a state agency.
While we want our licensees, consumers and other agency stakeholders to be fully informed of the agency’s operation, we also want to fully protect information that is, by law, confidential.
OHLA already has safeguards in place to protect the most obvious confidential information, such as licensees’ individual social security numbers. To keep a step ahead of computer hackers and other information thieves, OHLA is involved in statewide efforts to safeguard such information.
Whether the information is electronic, printed or even verbal, we are leveraging the expertise of the Department of Administrative Service’s Enterprise Security Office to keep confidential information protected.
Hurricane Katrina and other natural disasters taught us that confidential hospital patient records can simply float away in flood waters.
Unfortunately, human error continues to wreak havoc on our information security as well. Remember the story about the hospital worker who left patient records overnight in a van?
Whether it is an intentional act by a mysterious hacker, a simple mistake by an untrained worker, or an unexpected act of nature, the risk to information security is real and growing.
Thankfully, Oregon state government has not suffered from the kind of information security breaches that have grabbed headlines in the past few years.
Based on statewide efforts and expertise, OHLA will be developing a plan to enhance our existing information security in the coming months.
Obviously, protecting licensee information is one of our highest priorities. But we will also be reviewing how well we are safeguarding other sensitive information, from proposed disciplinary or ongoing investigatory actions to executive session proceedings.
At the same time, we’ll be continuing to provide our customers, consumers and stakeholders with the information they need to be knowledgeable participants in the regulatory process.
Kraig Bohot is Communications Coordinator at the Oregon Health Licensing Agency (OHLA), a state consumer protection agency providing centralized regulatory oversight of multiple health and related professions. He can be reached at (503) 373-1939 or at kraig.bohot@state.or.us.
The Oregon Consumer Identity Theft Protection Act, passed by the 2007 Oregon State Legislature, gives consumers more tools to protect themselves against identity theft.
This new state law requires businesses, organizations, government agencies, and individuals that collect and maintain personal identifying information to ensure the security of that information.
Q: What is “personal identifying information?”
A: A person’s name in combination with a Social Security number, Oregon driver’s license number or Oregon identification card number, passport number, financial, credit or debit card numbers along with security or access codes or password that would provide access to a financial account.
Q: What does the law require?
A: The law contains three components that will help protect sensitive information:
Notification of a Security Breach. Anyone (business, organization, government agency, or individual) that maintains personal information of Oregon consumers will be required to notify customers if computer files containing that personal information have been subject to a security breach.
Protection of Social Security numbers. Those who keep Social Security numbers are prohibited from printing Social Security numbers on cards or documents that are mailed, unless the consumer has requested information that requires an SSN, or publicly displaying or posting a Social Security number. This doesn’t apply to the use of SSNs for internal verification purposes.
Safeguarding Data. If you collect personal identifying information, you must develop, implement and maintain reasonable safeguards to protect the security and confidentiality of the information. This also includes the proper disposal of information.
Visit http://www.cbs.state.or.us/dfcs/id_theft.html for more information on the Oregon Identity Theft Protection Act.
The Board of Cosmetology next meets on Monday, January 12, 9 am in the Rhoades Conference Room at the Oregon Health Licensing Agency (OHLA) in Salem. Board meetings are open to the public and offer an opportunity to comment on board business and other related matters.
For a meeting agenda, visit the OHLA Web site at www.oregon.gov/OHLA/COS, call OHLA at 503.378.8667 or visit the OHLA office. Meeting agendas are usually finalized and posted to the Web site within two weeks of the meeting.
As of December 1, 2008, the Oregon Health Licensing Agency (OHLA) and Board of Cosmetology temporarily suspended the acceptance of examination scores from LaserGrade* for all fields of practice certification and the Oregon Laws and Rules section.
The agency is currently reviewing the process for accepting LaserGrade examination scores to determine if changes are necessary to continue offering this remote testing option.
Applicants may continue to take the examination at OHLA in Salem. In most cases, applicants who take and pass the examination at OHLA receive same-day certification
Questions? Contact OHLA at 503-378-8667 or ohla.info@state.or.us.
*LaserGrade a wholly owned subsidiary of PSI Services Inc.
As of December 1, 2008, all applicants for an authorization to practice (license, registration or certification) must provide two or more forms of acceptable original or certified copies of identification.
Acceptable identification includes, but is not limited to, U.S. passport, driver’s license, U.S. Social Security card, and original or certified copy of a birth certificate.
For more information, visit www.oregon.gov/OHLA.
As of December 1, 2008, OHLA and the Board of Cosmetology no longer offer interpreter-assisted examinations. Applicants may continue to take the written examination on computer touch-screen in English, Spanish or Vietnamese.
Estheticians interested in the Oregon Health Licensing Agency’s proposal to recognize advance training, education and experience for advanced practice should look for updates after the Oregon State Legislature’s session begins on January 12, 2009.
Find legislative updates and more information on OHLA legislative proposals in upcoming editions of Northwest Stylist and at www.oregon.gov/OHLA.
How many practitioners and facilities are active in Oregon? (Numbers in parentheses +/- change from previous month.) According to Oregon Health Licensing Agency (OHLA) records as of December 2, 2008:
Practitioners 30,983 (+79)
Facilities 4,515 (-31)
Independent contractors 6,991 (-58)
Certificate of ID 163 (-4)
Barbering 5,709 (-37)
Esthetics 13,556 (-24)
Hair Design 20,973 (-9)
Nail Technology 14,897 (-56)
Oregon Health Licensing Agency
700 Summer Street NE, Suite 320 • Salem, OR 97301-1287
Licensing Office (503) 378-8667 • Enforcement Unit (503) 378-4294
www.oregon.gov/OHLA
OHLA Agency Staff:
Susan K. Wilson, Director
Tricia Allbritton, Administrative Rules/Legislation
Richard McNew, Business Administration
Tim Molloy, Regulatory Operations
Board of Cosmetology:
Michael D. Snook, Salem - Chair
Debora Masten, Salem - Vice Chair
Linda Bergmann, Florence
Patricia A. Hall, Pendleton
Herb Hirst, North Plains
Sharon Wiser, Lake Oswego
