Anna Watterson

Anna Watterson

Davis Wright Tremaine LLP

Contact  |  View Bio  |  RSS

Latest Publications


Top Takeaways from IAPP

The world of privacy grows every day as more data goes through the cloud. The new trends and weekly data breaches make conferences like the Global Privacy Summit all the more relevant. Earlier this month we went to...more

4/25/2016 - Broadband Data Breach FBI FCC FERPA FTC General Data Protection Regulation (GDPR) HIPAA HIPAA Audits Internet Service Providers (ISPs) OCR Privacy Concerns Risk Assessment Student Privacy Unfair or Deceptive Trade Practices

The Audit Protocol is Released, and Other Updated HIPAA Audits News

As we previously reported, the HHS Office for Civil Rights (OCR) launched Phase II of its audit program on March 21. Since that time, a significant amount of new information has emerged, including details regarding the...more

4/12/2016 - Business Associates Covered Entities HHS HIPAA HIPAA Audits OCR

One Step Forward and Two Steps Back: Proposed Changes to the Alcohol and Drug Abuse Treatment Confidentiality Rule

On Feb. 9, 2016, the U.S. Department of Health and Human Services Substance Abuse and Mental Health Services Administration (SAMHSA) published in the Federal Register a proposed rule putting forth amendments to the Alcohol...more

2/16/2016 - Confidential Documents Drug & Alcohol Abuse Health Care Providers HIPAA Medical Records Privacy Rule SAMHSA

DWT Releases Latest Health Care Breach Charts

Safeguarding patient information is at the core of responsibilities for health care entities under the Health Insurance Portability and Accountability Act (HIPAA). But safeguarding patient information isn’t just a regulatory...more

11/12/2015 - Covered Entities HIPAA OCR Patient Confidentiality Breaches Patient Privacy Rights

States Try to Make the Grade with Student Data Privacy Efforts

Eight states passed substantive bills during the 2015 legislative session requiring education-focused Internet service, websites and mobile app providers to take measures to protect student data - With students around the...more

9/18/2015 - Data Privacy Educational Institutions Mobile Apps Personally Identifiable Information SOPIPA Student Privacy Students Websites

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

9/9/2015 - Breach Notification Rule Compliance Data Protection Health Information Technologies Healthcare HHS HIPAA Medical Records Mobile Devices NIST OCR Personally Identifiable Information Privacy Laws Privacy Policy Reasonable Expectation of Privacy Risk Assessment

[Webinar] Mobile Device Management for Health Care Organizations and Vendors - Sept. 10th, 10:00am PDT

In this webinar, we will demystify the HIPAA Security Rule and how to apply the administrative, physical, and technical safeguards in a mobile environment. We will discuss key takeaways from the recently released NIST Draft...more

9/4/2015 - Data Breach Data Protection Data Security Electronic Medical Records HIPAA mHealth Mobile Apps Mobile Devices NIST Patient Privacy Rights Popular Webinars

NIST Issues Draft Guidance for Mobile Health Data

With health care breaches constantly on the rise, increasing access to electronic health records (EHRs) from mobile devices, and more prevalent “shadow” cloud use, health care organizations are getting a bit of help from the...more

8/5/2015 - Best Practices Cyber Attacks Cybersecurity Data Breach Data Security EHR Electronic Health Record Incentives Hackers Health Care Providers Healthcare HIPAA Identity Theft Mobile Devices NIST Popular

Higher Education Institutions Increasingly Falling Victim to Cyberattacks

Higher education institutions are treasure troves for hackers. Colleges and universities are huge repositories of research data, sensitive information for large populations of applicants and enrolled students (personal,...more

7/29/2015 - Cyber Attacks Cyber Crimes Cybersecurity Data Breach Educational Institutions Hackers NIST

Meaningful Use Stage 3 Proposed Rule: Security Risk Analysis and Patient Access

Where HIPAA and Meaningful Use intersect, does the newly released Meaningful Use Stage 3 proposed rule provide greater clarity or create more confusion? As discussed in our earlier advisory, the Meaningful Use Stage 3...more

5/4/2015 - CMS EHR Healthcare HIPAA Meaningful Use OCR Proposed Regulation Security and Privacy Controls

Be Careful with Information Destruction: Another Medical Record Disposal HIPAA Settlement

The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) recently announced a new settlement with a small pharmacy, Cornell Prescription Pharmacy (“Cornell”). OCR alleged that Cornell was disposing of...more

5/1/2015 - Document Destruction Enforcement Actions OCR Pharmacies PHI Settlement

Disclosure of Germanwings Co-pilot’s Medical Information Raises Tricky Privacy Concerns

Recent reports surrounding Germanwings co-pilot Andreas Lubitz suggest that Lubitz told his doctors he was on sick leave (or was instructed by his doctors to be on sick leave), and concealed that he was still flying for the...more

4/10/2015 - Airlines Airplane Accidents HIPAA Medical Records Pilots Privacy Laws Public Disclosure of Private Facts

Proposed HHS Rule Sets the Stage for Changes to the Meaningful Use Program

On March 30, the Department of Health and Human Services’ (HHS) Centers for Medicare & Medicaid Services (CMS) published its proposed rulemaking for Stage 3 of the Medicare and Medicaid Electronic Health Records (EHR)...more

4/10/2015 - CMS EHR Health Care Providers Healthcare HHS Meaningful Use Proposed Regulation

President Obama’s Proposed Privacy Bill of Rights, Part 1: Personal Data, De-Identification, and Retention Requirements

On Friday, Feb. 27, the Obama administration unveiled a proposed Consumer Privacy Bill of Rights that would require businesses to be more transparent in privacy practices, and provide individuals certain rights aimed at...more

3/3/2015 - Consumer Privacy Bill of Rights Obama Administration Personally Identifiable Information Popular Proposed Legislation

Employers: What the Anthem Breach Means to You

On Feb. 4, 2015, Anthem announced a data breach involving the personal information of more than 80 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack. Group health plans may be...more

2/10/2015 - Anthem Insurance Best Practices Breach Notification Rule Corporate Counsel Cyber Attacks Cybersecurity HIPAA Personally Identifiable Information

Latest HIPAA Settlement: Compliance is an Ongoing Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more

12/18/2014 - Healthcare Facilities HIPAA OCR Patient Confidentiality Breaches PHI Popular Settlement

Refill Reminders and the TCPA

The Telephone Consumer Protection Act (“TCPA”) presents another challenge as health care providers continue to engage patients and seek to meet Meaningful Use reminder objectives. Over the past year, there have been several...more

12/5/2014 - Business Associates Cell Phones Class Action Covered Entities Health Care Providers Pharmacies Popular Prescription Drugs Prior Express Consent TCPA

Encryption and Securing BYO Devices at the Heart of Massachusetts AG $100,000 Settlement

The Massachusetts Attorney General announced Friday that her office had reached a settlement with Beth Israel Deaconess Medical Center (BIDMC) surrounding a 2012 data breach in which a physician’s unencrypted personal laptop...more

11/26/2014 - Bring Your Own Device Covered Entities Data Breach Data Protection Employer Liability Issues Encryption Health Care Providers Patient Confidentiality Breaches Personally Identifiable Information Popular

Preparing for HIPAA Compliance Audits

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), the office responsible for administering and enforcing the Health Insurance Portability and Accountability Act of 1996 (HIPAA), will...more

11/25/2014 - Audits Business Associates Covered Entities HHS HIPAA OCR

Ebola or Not, Patient Privacy Must Be Protected: Office for Civil Rights Issues Bulletin on HIPAA Requirements in Emergency...

In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued a new bulletin reminding HIPAA-covered entities and their business associates that the...more

11/13/2014 - Data Protection Ebola EHR Healthcare HHS HIPAA OCR PHI

CMS Reopens the Medicare Payment Adjustment Hardship Exception Application Submission Period for Certain Providers and Hospitals

Centers for Medicare & Medicaid Services (CMS) recently announced the reopening of the submission period for hardship exception applications for eligible professionals and eligible hospitals that have been unable to fully...more

10/30/2014 - CEHRT CMS EHR Healthcare Healthcare Reform Hospitals Medicare PHI Undue Hardship

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

10/13/2014 - Breach Notification Rule Data Breach EHR Healthcare Personally Identifiable Information PHI Popular

Starting Oct. 6, Patients Can Access Test Reports Directly From Clinical Laboratories

On Oct. 6, 2014, a final rule issued jointly by the Centers for Medicare & Medicaid Services (CMS), Centers for Disease Control and Prevention (CDC), and Office for Civil Rights (OCR) will require all HIPAA-covered labs...more

10/2/2014 - CDC Clinical Laboratories CMS EHR Healthcare HIPAA OCR PHI Popular

CMS Issues Final Rule Providing Flexibility for Providers Unable to Fully Implement 2014 Technology to Demonstrate Meaningful Use...

In response to providers being unable to fully implement 2014 Edition certified electronic health record technology (CEHRT) due to limited availability, CMS adopted changes proposed earlier this year through a final rule...more

9/24/2014 - CEHRT CMS Deadlines Final Rules Reporting Requirements

Looming HIPAA Deadline: Update Business Associate Agreements by Monday, September 22, 2014

Business associate agreements that have not already been updated as required by the HIPAA Omnibus Rule should be updated by September 22, 2014. The Omnibus Rule changed and added mandatory language for valid business...more

9/23/2014 - Business Associates Deadlines HIPAA HIPAA Omnibus Rule

28 Results
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.