Latest Publications

Share:

How the General Data Protection Regulation Will Apply to and Affect the UK

The GDPR will apply to the UK when it is effective on May 25, 2018, but the government will need to adopt domestic data privacy legislation upon the UK’s pending exit from the EU....more

Investigatory Powers Act Becomes UK Law

The new law gives UK intelligence and law enforcement bodies sweeping surveillance powers. The IPA was introduced in response to recommendations that David Anderson QC made, in his capacity as the Independent Reviewer of...more

CRTC Issues First Compliance and Enforcement Decision on Canada’s Anti-Spam Legislation

Over two years after the enactment of Canada’s anti-spam legislation, the Canadian Radio-Television and Telecommunications Commission (CRTC) has issued its first decision on the law, with a particular focus on the consent...more

OCR Begins HIPAA Phase 2 Audits

What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more

EU-US Privacy Shield Approved

The EU-US Privacy Shield—successor to the invalidated Safe Harbor program for transatlantic transfers of EU personal data—was finally approved on July 12, 2016....more

UK Data Privacy Laws in a Post-Brexit World

Following the United Kingdom’s nonbinding vote to leave the European Union (“Brexit”), what do businesses need to consider for data privacy compliance?...more

OCR Launches Phase 2 of HIPAA Audits

Five suggested steps healthcare organizations and their contractors should take to prepare. On March 21, the Office of Civil Rights (OCR) of the Department of Health and Human Services launched Phase 2 of the HIPAA Audit...more

The Judicial Redress Act of 2015 Becomes Law

Passage of the Act facilitates two data-sharing agreements between the European Union and United States that will improve transatlantic business, privacy, and security. On February 24, the Judicial Redress Act of 2015...more

European Commission Releases Details of New EU-US Privacy Shield

The new EU-US Privacy Shield seeks to address the European Court of Justice’s criticisms in Schrems after the decision invalidated the Safe Harbor program for EU-US data transfers. On February 29, the EU Commission...more

Health Apps and HIPAA: OCR Publishes New Guidance For Health App Developers

OCR’s guidance presents hypothetical scenarios and key questions to help app developers determine when they are subject to HIPAA regulations. On February 11, the Department of Health and Human Services’ Office for Civil...more

Judicial Redress Act Would Extend Privacy Act Remedies to Citizens of Designated Foreign Nations

The pending legislation would authorize the US Department of Justice to designate foreign countries to allow the citizens of such countries to bring civil actions against certain US agencies to access, amend, or redress...more

EU-US Privacy Shield to Replace Safe Harbor

A new personal data transfer agreement was announced on February 3, 2016 between EU and US authorities: the EU-US Privacy Shield will replace the invalidated Safe Harbor programme. Since the landmark decision of the...more

New EU Data Protection and Cybersecurity Laws Finalised

The General Data Protection Regulation places new obligations on businesses to protect personal data with high financial penalties for noncompliance. The European Commission has confirmed that the new General Data...more

California Amends its Breach Notification Requirements (AGAIN)

New provisions about encryption, license plate recognition, and breach notification letters. California has long been a trendsetter with regard to security breach notification standards. In 2002, for example, California...more

The Three “Hows” Of Physician Compensation

New care delivery models and healthcare reimbursement trends are heating up the market for hospital employment of physicians yet again, but does a productivity-based compensation model still work in this environment?...more

Brazil Bill Implements New Provisions for International Data Transfers

The Bill’s provisions on international data transfers are most relevant to foreign companies that do business in Brazil. The Brazilian government has issued a Bill for the Protection of Personal Data (Bill) for public...more

Preparing for Phase 2 HIPAA Audits: It’s All About the Documentation

The launch of Phase 2 HIPAA audits is imminent. Although any individual hospital has only a small chance of getting audited, preparation helps protect a hospital if it is ever investigated for potential HIPAA violations. In...more

2/17/2015  /  Audits , HIPAA , Hospitals , OCR

Proposed Data Breach Legislation Announced

President Obama’s new proposed Personal Data Notification and Protection Act provides a national standard for companies responding to security breaches....more

New California Privacy Laws

California continues to lead the way in passing new or updating existing data protection legislation. The weekly disclosure of new data breaches that involve retail and other corporations has focused the general public...more

Florida’s Strict New Data Breach Notification Law Takes Effect

The new law sets up one of the most robust data protection regimes in the United States and is relevant to any business that collects personal information nationwide....more

New California Law Protects Online Account Information

As of January 1, security breach notifications must be provided to consumers when certain account information is compromised. On September 27, California Governor Jerry Brown signed into law Senate Bill No. 46 (S.B....more

California Enacts New Laws on Data Privacy and Security Issues

The state continues to lead the United States in the data privacy and security field by giving minors an Internet “delete” option and requiring disclosures about “do not track” practices. In September 2013, California...more

FDA Taking on Cybersecurity Risks for Medical Devices

FDA issues safety communication and draft guidance clarifying that manufacturers are responsible for addressing cybersecurity risks related to their medical devices....more

6/17/2013

Protections to Be Extended for Electronic Health Record Donations

CMS and OIG issue similar proposed rules to modify the electronic health record exception and safe harbor. On April 10, the Centers for Medicare & Medicaid Services (CMS) and the Office of Inspector General (OIG) of...more

HHS Releases HIPAA/HITECH Omnibus Final Rule

Rule finalizes many provisions of the proposed rule, imposing new privacy and security obligations directly on business associates and modifying the definition of "breach" and the required factors to be considered in a risk...more

27 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!