Privacy Consumer Protection Health

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Eye on Privacy Newsletter - March 2014

In this issue: - Kaiser Foundation Health Plan Settles California Attorney General Charges over Delayed Data Breach Notification - Status of the EU Regulation and the Safe Harbor Framework - FTC Steps...more

FTC Settles Case With Medical Transcription Company

The Federal Trade Commission (FTC) recently announced that it had settled its data privacy case against medical transcription firm GMR Transcription Services, Inc. (GMR) following allegations that GMR had failed to adequately...more

Get Ready! HHS OCR Announces Next Round of HIPAA Audits

To combat new risks associated with rapidly evolving health information technology, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act...more

Health Law Blog: County Government Settles Alleged HIPAA Violations

A small county in Washington has agreed to pay $215,000 to settle allegations that it violated HIPAA by failing to secure electronic protected health information. Skagit County maintained protected health information (“PHI”)...more

Belgium: Beware Of The Barking Privacy Watchdog, She’s Biting

The quietness in the privacy landscape in Belgium is about to drastically change. Reason for the change of pace are the recent major data breaches that were published by the media. The Privacy Commission announced it will...more

Health Insurer Fined Unprecedented $6.8 Million for HIPAA Violations

Federal fines for violations of the Health Insurance Portability and Accountability Act (HIPAA) may not exceed $1.5 million per incident per year. That's already a big number to think about — but employers also need to...more

Health Care Law Alert: Skagit County Fined $215,000 for HIPAA Violations

Skagit County in northwest Washington state has been fined $215,000 for violations of the HIPAA privacy, security, and breach notification rules. The U.S. Department of Health and Human Services’ Office for Civil Rights...more

OCR Settles Potential HIPAA Violations with County Government for $215,000

To start 2014, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first resolution agreement of the year and its first settlement with a county government – signaling that even local...more

CMS Issues Final Rule on Direct Access of Lab Test Results by Patients

On February 3, 2014, the Centers for Medicare and Medicaid Services (CMS) released a final rule that permits patients or their representatives to have direct access to the results of their lab tests. This rule change is...more

Proposed $6.8M Fine Related to Puerto Rico Breach Incident

Triple-S Salud, Inc. (“Triple-S”), a Puerto Rico Health Insurance Administration (“PRHIA”) contractor, filed a Form 8-K indicating that the PRHIA intended to impose a civil monetary penalty of $6,768,000 and other...more

Some Things Better Left Unshared: Social Media and Medical Identity Theft

The Washington Post recently published an article reminding individuals not to tweet or otherwise share information concerning their medical conditions on social media, warning that disclosing such information publicly “is...more

Unique Data Breach Settlement – A Sign Of Things To Come?

A judge in the United States District Court for the Southern District of Florida has approved a $3 million data breach class action settlement agreement between AvMed, Inc. and plaintiffs. The settlement arises out of a...more

HIPAA and Mental Health Information: HHS Issues HIPAA Guidance Addressing Mental Health Information

The U.S. Department of Health and Human Services (“HHS”) recently issued new guidance clarifying how the HIPAA Privacy Rule strikes the balance of protecting individuals’ privacy of mental health information and communicating...more

Triple-S Socked with $6.8 Million Sanctions for PHI Breach

Triple-S, an insurance holding company and subsidiary of Triple-S Management Corporation, was notified by the Puerto Rican Health Insurance Administration (“HIA”) that HIA would pursue penalties against Triple-S for its...more

HHS Rule Grants Patients Direct Access to Lab Test Results

The U.S. Department of Health and Human Services (HHS) recently published a Final Rule granting patients and their personal representatives access to the patient’s completed laboratory test reports directly from the lab...more

Cyber Security: Are You At Risk?

In This Issue: - Prevention - Notification - Potential Litigation - Conclusion - Excerpt from Foreward: As the recent Target and Neiman Marcus data breaches made clear, cyber security is one...more

California Attorney General Files Suit Over Untimely Data Breach Notice

On January 24, the California Attorney General (AG) sued a health care company over its alleged failure to timely submit notice of a 2011 data breach. According to the complaint, the company learned of the breach at the end...more

In with the New, Part III: 2014 Privacy, Advertising and Digital Media Predictions

Boston-based litigation partner Matt Turnell shares his predictions about class action litigation under the Telephone Consumer Protection Act (TCPA) and Electronic Communications Privacy Act (ECPA) in 2014 and Boston-based...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

HIPAA Covered Entities Subject to FTC Act Enforcement of Data Security Practices

On January 16, 2014, the Federal Trade Commission (FTC) unanimously ruled that it has authority to regulate a healthcare provider’s inadequate data security programs in order to protect consumers from business’ failure to...more

FTC and Accretive Health Settle Unfair Business Practice Complaint Centered on Data Security Measures

Accretive Health recently agreed to settle a Federal Trade Commission (FTC) complaint that stems from a July, 2011 incident in which an Accretive employee’s laptop was stolen from his car. As a medical billing and revenue...more

Google’s Breach of Canadian Privacy Rules

In a recent decision released by the Canadian Privacy Commissioner (PIPEDA Report of Findings #2014-001), the commissioner investigated a complaint that Google pitched ads to an individual based on medical information that he...more

Oh Canada! Google Settles Health-Related Behavioral Advertising Claims

The Office of the Privacy Commissioner of Canada (OPC) announced on January 15, 2013, that it reached a settlement with Google over the use of health information in behavioral advertising. The case involving a complaint that...more

Is Using Health Information For Interest-Based Advertising Really Off-Limits?

As was widely reported, on January 15, 2013, the Office of the Privacy Commissioner of Canada (OPC) issued a Report of Findings regarding interest-based advertising or online behavioural advertising through Google’s AdSense...more

Accretive Health Data Breach Leads To Twenty-Year Settlement With The FTC

On December 31, 2013, the Federal Trade Commission ("FTC") announced that Accretive Health, Inc., ("Accretive") agreed to settle charges that the company's inadequate data security measures exposed sensitive consumer...more

119 Results
|
View per page
Page: of 5

Follow Privacy Updates on: