As we start 2022, as part of our Spotlight series, we connect with Reece Hirsch, the co-head of Morgan Lewis’s privacy and cybersecurity practice, to discuss the recent policy statement issued by the US Federal Trade...more
1/7/2022
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Health Apps ,
Policy Statement ,
Popular
According to recent guidance from the US Federal Trade Commission (FTC), providers of health apps and connected devices that collect consumers’ health information must comply with the FTC’s Health Breach Notification Rule, 16...more
The GDPR will apply to the UK when it is effective on May 25, 2018, but the government will need to adopt domestic data privacy legislation upon the UK’s pending exit from the EU....more
3/22/2017
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular ,
UK ,
UK Brexit ,
UK Data Protection Act
What covered entities and business associates can do to prepare for the next round of audits.
On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more
7/19/2016
/ Breach Notification Rule ,
Business Associates ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Audits ,
HITECH Act ,
OCR ,
PHI ,
Security Risk Assessments
President Obama’s new proposed Personal Data Notification and Protection Act provides a national standard for companies responding to security breaches....more
California continues to lead the way in passing new or updating existing data protection legislation.
The weekly disclosure of new data breaches that involve retail and other corporations has focused the general public...more
The new law sets up one of the most robust data protection regimes in the United States and is relevant to any business that collects personal information nationwide....more