News & Analysis as of

General Business Privacy Health

Read need-to-know updates, commentary, and analysis on General Business issues written by leading professionals.

HIPAA and the Cloud’s Shared Responsibility Models

by Snell & Wilmer on

Cloud-based service providers (CSPs), like Amazon Web Services and Microsoft Azure, offer online access to shared computing resources. As such, they have developed a “shared responsibility model” for how CSPs and companies...more

Deeper Dive: Frequency and Severity

by BakerHostetler on

All industries are affected by cyberattacks, but how often and to what extent they occur vary greatly by industry type. As for frequency, the healthcare industry in 2016, for the third year in a row, saw the greatest...more

Corporate Law & Governance Update - April 2017

by McDermott Will & Emery on

The following developments from the past month offer guidance on corporate law and governance law as they may be applied to nonprofit health care organizations: OVERSIGHT OF CORPORATE CULTURE - A significant emerging...more

HIPAA Checkup – How Good Are Your Policies and Procedures?

by Snell & Wilmer on

Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more

Top Trends in Business Law that You Need to Know for 2017

by Fraser Trebilcock on

Macy’s and Kmart are each closing a Lansing, Michigan location – but did you know that in general, retail spending is up? It’s easier than ever to collect customer data, but business owners beware: you need to...more

Happy Data Privacy Day! A Few Tips from the MVA Privacy and Data Security Group

by Moore & Van Allen PLLC on

Saturday January 28, 2017 is Data Privacy Day. The Moore & Van Allen Privacy and Data Security group took a break from the pre-holiday revelries to put together some thoughts and tips for DataPoints. So hoist a glass and...more

Recent HIPAA Settlements Highlight Importance Of Business Associate Agreements

by Fisher Phillips on

Two related healthcare companies were forced to pay settlements with the federal government totaling over $500,000 over allegations relating to a data breach involving patient health information. Much of the negative...more

Recent CyberSecurity Incidents Emphasize Importance of Cyberinsurance

by Akerman LLP - Health Law Rx on

As the threat of cyberattacks continues to pose daily threats to businesses large and small, more companies have turned to cyber insurance products to shore up protection against these disruptive threats. A spate of recent...more

OCR Explains How Information Blocking Violates HIPAA

by McDermott Will & Emery on

The US Department of Health and Human Services Office for Civil Rights recently posted guidance clarifying that a business associate such as an information technology vendor generally may not block or terminate access by a...more

HHS Publishes New Guidance on HIPAA and Cloud Computing

by Stinson Leonard Street on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Health Update - October 2016

Defining and Resolving the Provider Data Dilemma - Editor’s Note: Provider data drives the most fundamental processes in the healthcare system. Inaccurate provider data puts patient care and billions of dollars at risk....more

Ten Things to Know About the CMS Long-Term Care Requirements Final Rule

by Holland & Knight LLP on

Deadlines are looming to come into compliance with sweeping changes to the Centers for Medicare & Medicaid Services (CMS) requirements for long-term care facilities (LTC) participating in Medicare and Medicaid. The CMS final...more

Compensation and Benefits Insights – September 2016 #2

by King & Spalding on

Hardly Water Under the Bridge: NLRB, SEC, OSHA Mount Offensive Against Confidentiality Agreements - A recent New York Times story shed light on complaints by an employee of Bridgewater Associates, a $154 billion hedge...more

Guidelines for Written Information Security Policies

by Bryan Cave on

Although federal law only requires that financial institutions and health care providers maintain a written information security policy or “WISP,” approximately thirty four states have enacted legislation that requires...more

Cybersecurity Awareness Month: Visits From the Ghosts of Claims Past and Claims Future

by Carlton Fields on

Cybersecurity awareness month is nigh upon us again, and thus perspective is in order. 2016 brought us the first collection and analysis of the nascent claims history of the burgeoning cyber-insurance market. On August 27,...more

3 Essential Steps For Responding To Ransomware Attacks

by Jackson Lewis P.C. on

Likely because most victims comply with their demands, the incidence of attacks by ransomware hackers has exploded in 2016. Guidance issued by the U.S. Department of Health and Human Services (“HHS”) in July notes that, on...more

Corporate E-Note - August 2016

by Burr & Forman on

In a “Table of Experts” series published on July 15, 2016 by the Birmingham Business Journal, Ed Christian provides his insight into a series of questions related to mergers and acquisitions. Please see full E-note below...more

Locky Ransomware Continues to Hit Health Care Entities

FireEye Labs has reported that the Locky ransomware continues to hit the health care industry hard, and has increased in the month of August. Although the telecommunications, manufacturing and aerospace/defense...more

HIPAA News: HHS Getting Tough On ePHI Data Breaches

by Snell & Wilmer on

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more

HHS OCR Guidance on Ransomware Attacks: They Constitute a “Security Incident” and Are Likely a Data Breach

On July 11, 2016, the HHS Office of Civil Rights (OCR) released guidance on HIPAA covered entities’ responsibilities in a ransomware attack, a type of cyber-attack that has targeted the health care sector extensively in...more

OCR Announces First HIPAA Enforcement Action against a Business Associate

by Ballard Spahr LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

Breach of ePHI Results in $2.7 Million Fine

Oregon Health & Science University (“OHSU”) has paid $2.7 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle allegations that it violated the Health Insurance Portability...more

Check Your Desk: HIPAA Audits for Covered Entities Have Arrived

by Ballard Spahr LLP on

The Office of Civil Rights (OCR) of the Department of Health and Human Services has moved forward with Phase 2 of its Health Insurance Portability and Accountability Act of 1996 (HIPAA) audit program. On Monday, July 11,...more

Entity Fined $650,000 in First HIPAA Settlement with a Business Associate

The possibility of business associates potentially being audited, investigated, and ultimately fined is now a reality. On June 24, 2016, the United States Department of Health and Human Services’ Office of Civil Rights...more

Business Associate Settles HIPAA Investigation for $650,000

by Lathrop & Gage LLP on

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

266 Results
|
View per page
Page: of 11
Cybersecurity

Follow General Business Updates on:

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.

Feedback? Tell us what you think of the new jdsupra.com!