I have been reading some documents issued by the Office of Financial Research, and one policy note in particular talks about the creation of a standardized “Legal Entity Identifier.” This identifier, which is also referred to as an LEI, is intended to reduce the complexity and confusion brought about when different companies have created their own representations (and consequently, their own identification scheme) for counterparties involved in financial transactions. Every company that interacts with any kind of financial transaction is to be assigned an LEI, and that identifier is unique to that company. Ultimately, the intent is to use unique identification for assessing exposure and risk to the financial system.
You are probably familiar with the fact that over the past few years there have been some new laws passed regarding health care reform. One law in the HITECH legislation requires “HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information.” What this effectively means is that if there is a case where some amount of protected health information (PHI) is inadvertently released, the organization that allowed that release is mandated to “provide notification of the breach to affected individuals, the Secretary (of Health and Human Services), and, in certain circumstances, to the media.”
In other words, you lose protected data and you have to report it to the Department of Health and Human Services.