Privacy General Business Health

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

The 37th International Conference of Data Protection & Privacy Commissioners – Some Observations

The annual conference of the world’s data protection regulators is a three day exercise, with half of the conference being “closed door” for the regulators only, and the other half being a series of side meetings and...more

The “Other” Safe Harbor: OIG Warns Healthcare Providers and Vendors Against Information Blocking and Federal Anti-Kickback...

For those of us who work in the privacy and security space this past week has been a whirlwind with focus on the ramifications of the European Court of Justice (ECJ) decision invalidating the EU-U.S. Safe Harbor Agreement....more

OIG Reports Insufficient Oversight Of HIPAA Compliance

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Is Your HIPAA Compliance Program Ready for the FTC?

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

OCR announces launch of Phase 2 of HIPAA audits

Although the Office for Civil Rights (OCR) has indicated in the past that it would start its next round of HIPAA audits, apparently it means business now. In the wake of an Inspector General report that the OCR was merely...more

Blog: HHS To Launch New HIPAA Audits in Early 2016 in Response to OIG Reports

The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports yesterday calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and...more

Appellate Court Notes

Supreme Court Advance Release Opinions: SC19253 - RBC Nice Bearings, Inc. v. SKF USA, Inc. [An important decision on contract waiver but one all attorneys should recall from the UCC or Contracts course we took...more

It’s About Time! 10 Key (Needed) Changes Proposed to the Human Subjects Protection “Common Rule”

The world has changed drastically since 1991 when Operation Desert Storm was underway; the USSR crumbled; Prince Charles and Princess Diana separated; the World Wide Web was born; gas cost $1.14; and the Dow peaked at 3168....more

Fitbit Agrees to Sign Business Associate Agreements and Take on HIPAA Compliance

Is your Fitbit data covered by HIPAA? It depends upon where you got it (kind of). If you go to the store and pick up a Fitbit on your own, the data it generates is governed by the user agreement that you click through...more

Trustee Alert – Medical Identify Theft On the Rise

The increased use of electronic medical records and breaches of that data by computer hackers or handling errors by insurers and providers has increased medical identity theft in recent years. This increase reemphasizes the...more

Stolen Laptop Bag Leads to $750,000 Fine for Oncology Group

On September 2, 2015, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced a substantial settlement with an Indiana-based oncology group, Cancer Care Group, P.C. (CCG). Under the terms of...more

Crafting a more realistic business associate agreement

According to a recent survey by KPMG, eighty percent (80%) of health care executives report that their information technology systems have been compromised by cyber attacks. Most healthcare institutions, the survey found,...more

Alert: Key Regulatory Considerations for Digital Health Companies

Digital health is a growing field that promises improved patient education, wellness, engagement, access to care, and outcomes, among other things. However, with these new technologies come unique regulatory concerns that...more

FCC Releases Guidance on Autodialing and Pre-Recorded Voice Calls to Wireless Phone Numbers

This past July, the Federal Communications Commission (“FCC”) released a ruling (the “Ruling”) interpreting the Telephone Consumer Protection Act (“TPCA”) restrictions on certain communications to wireless telephone numbers....more

Illinois Passes Authorized Electronic Monitoring in Long-Term Care Facilities Act

On Friday, August 21, 2015, Illinois Governor Bruce Rauner signed into law Public Act 099-0430, the Authorized Electronic Monitoring in Long-Term Care Facilities Act, which permits a resident of a nursing home and her family...more

Corridors September 2015 - News for North Carolina Hospitals

This article will provide an outline of some of the most significant points for hospitals to use when confronted with a formal government investigation under the Criminal or Civil False Claims Act. As noted below, you should...more

The Top Six Things You Need to Know About the Internet of Things: A Legal Perspective

IoT is discussed in the media more and more frequently. It has important social, economic and legal implications, most of which are yet to be fully understood. The following sets out a brief list of things you should...more

“Everything Old is New Again” – Issues in Recent Cyber Insurance Litigation

Early days still for coverage litigation about cyber risks – whether under cyber insurance policies or other types of policies. This is not surprising given the relatively short history of cyber risks and even shorter history...more

Massachusetts Hospital Agrees to Six-Figure Payment Related to HIPAA Compliance Allegations

St. Elizabeth’s Medical Center (SEMC), a tertiary care hospital based in Brighton, Mass., agreed to pay $218,400 to address deficiencies in its HIPAA compliance activities. The SEMC settlement continues a pattern of...more

Insurer Seeks Declaratory Judgment Against Policyholder for Data Breach

Late last month, Columbia Casualty Company instituted a declaratory judgment lawsuit in the United States District Court for the Central District of California against its insured, Cottage Health System. Columbia Casualty...more

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

Gavel to Gavel: Protect your data

The ever-increasing expense of corrective actions taken by companies after data breaches is often publicized. What’s not as apparent, or as publicized, are steps companies can take that may reduce the costs and the likelihood...more

Cloud Computing Contracts Top Issues for Healthcare Providers

In this Issue: - Summary - Overview - Cloud - Use - Security - Privacy - Functions - Availability - Performance - Location - Services -...more

Spotlight on Responsibility and Accountability: OIG’s New Compliance Guidance for Health Care Governing Boards

On April 20, 2015, the Office of the Inspector General of the U.S. Department of Health and Human Resources (“OIG”), in collaboration with the American Health Lawyers Association, the Association of Healthcare Internal...more

HIPAA Enforcement Remains a Concern for Providers of All Sizes

On Monday, April 27, 2015, the Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR") announced a settlement with Cornell Prescription Pharmacy ("Cornell"). Under the Resolution Agreement, Cornell...more

215 Results
View per page
Page: of 9

Follow Privacy Updates on:

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.