Privacy Consumer Protection Health

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Oregon Expands Data Breach Law

The modified law will expand the definition of personal information to include medical information and physical characteristics, and require notification to the state Attorney General. Businesses with customers in Oregon...more

A New Era of HIPAA Enforcement

Traditionally, HIPAA enforcement is assigned to the Department of Health and Human Services’ Office for Civil Rights (OCR). In November 2013, Health and Human Services’ Office of Inspector General sharply criticized OCR’s...more

Upcoming HIPAA Audits May Target Financial Institutions—Here’s How to Prepare

Much like a tornado watch, the conditions appear to be right for a coming storm: the upcoming Phase 2 HIPAA audits. The Department of Health and Human Services Office for Civil Rights (OCR) has begun verifying contact...more

Connecticut Legislature Passes Bill Mandating Identity Theft Protection Services Following Data Breach

Connecticut’s legislature has passed a bill that imposes strict new timing requirements for entities conducting business in the state that experience a data breach, which Governor Malloy reportedly intends to sign into law. ...more

Advocate Health data breach class action suit dismissal upheld by Appellate Court

In August of 2013, four computers of Advocate Health and Hospitals Corporation (Advocate Health) were stolen from one of its offices. The computers contained the names, dates of birth, Social Security numbers, health...more

FCC Uses Industry Requests for TCPA Clarity to “Close Loopholes” and “Empower Consumers” Rather Than to Afford More Than Token...

The Federal Communications Commission (FCC) adopted a Declaratory Ruling and Order that resolves 19 petitions for declaratory ruling, one rulemaking petition and one petition for clarification, all arising out of an upsurge...more

FCC Approves TCPA Clarifications that Increase Potential for Liability

The Federal Communications Commission, in a divided vote, approved an order clarifying several long-simmering Telephone Consumer Protection Act (TCPA) issues. While the order has not been officially released, the...more

Medical Informatics Engineering discloses data breach

Electronic health record (EHR) vendor Medical Informatics Engineering and its subsidiary, NoMoreClipBoard, which is a personal health record (PHR) product, notified its EHR clients and PHR individuals that it has been the...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

Doing Business In Connecticut? There's A New Data Security Law You Should Get To Know

This week the Connecticut House of Representatives passed Senate Bill 949, "An Act Improving Data Security and Agency Effectiveness," (the "Act") which includes new or modified State requirements concerning the security of...more

A Deeper Dive: Regulatory Investigations Following a Reported Breach

In our inaugural Data Security Incident Response Report (the Report), we found that regulators inquired about a company’s breach 31% of the time and multi-state state Attorneys General investigations were launched less than...more

Nevada and North Dakota amend state breach notification laws

Nevada has amended its breach notification law, effective July 1, 2015, to include a medical or health insurance identification number and a user name, unique identifier, or e-mail address in combination with a password or...more

CareFirst, Third Major Health Insurer This Year To Be Hit By Cyberattack

On May 20, 2015, CareFirst BlueCross BlueShield (“CareFirst”) announced that it was the latest victim of a major cyberattack, with as many as 1.1 million plan customers affected. Current and former CareFirst members and...more

Healthcare Organizations not Immune from Criminal Attacks on Sensitive Information

This month, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data and its findings are generating a good deal of attention. In the past, the Study has found that most data...more

Think You Know Your HIPAA-Related Obligations? Read the ONC’s New Privacy and Security Guide to Find Out

In 2013, we alerted you to the expansion of the definition of the term “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Now, the Office of the National Coordinator for Health...more

Blog: CareFirst Discloses Data Breach

CareFirst, a Blue Cross Blue Shield plan serving the Washington D.C. metro area, became another in a line of health insurers to suffer a data breach as a result of hackers. CareFirst and the FBI are examining the breach...more

CareFirst announces breach of 1.1 million records in cyberattack

Following in the footsteps of Anthem and Premera, CareFirst, a Blue Cross Blue Shield plan servicing customers in Maryland, Washington, D.C. and Virginia announced yesterday that it too has been the victim of a...more

CareFirst Suffers Cyberattack, Data Breach of 1.1 Million Customers’ Information

BREAKING NEWS: Health insurer CareFirst BlueCross BlueShield disclosed today that hackers gained access to one of its databases, exposing personally identifiable information for approximately 1.1 million people....more

ONC Releases Updated Guide to Privacy and Security of Electronic Health Information

The Office of the National Coordinator for Health Information Technology (“ONC”) of the U.S. Department of Health and Human Services (“HHS”) recently released Version 2.0 of the Guide to Privacy and Security of Electronic...more

Also In the News - Data, Privacy, & Security Practice Report - May 2015

ONC Releases Updated Guide To Privacy And Security of Electronic Health Information ? The Office of the National Coordinator for Health Information Technology (“ONC”) recently released Version 2.0 of the Guide to Privacy and...more

North Dakota Focused on Privacy and Information Security; AG Wants to Know if You’ve Been Breached

Come August 1, North Dakota’s Attorney General will expect to hear from you if your company suffers a breach of computerized data affecting more than 250 persons. On April 13 North Dakota Governor Jack Dalrymple signed S....more

New HIPAA Guide to Privacy and Security of Electronic Health Information

The HHS Office of the National Coordinator for Health Information Technology (ONC) recently released Version 2.0 of its Guide to Privacy and Security of Electronic Health Information (Guide)....more

Issues Concerning Medical Identity Theft

Whenever a large data breach occurs in the healthcare industry, such as the Anthem Blue Cross Blue Shield breach this past winter, some news stories always seem to focus on the strange medical catastrophes that could...more

OCR Announces Settlement and Corrective Action Plan with Pharmacy Stemming from Alleged Violations

On April 24, 2015, the HHS Office for Civil Rights (“OCR”) once again stressed the importance of properly disposing of protected health information (“PHI”) when it announced its settlement and corrective action plan with...more

The BakerHostetler Data Security Incident Response Report 2015

The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 “the year of the breach.” Most incidents are described publicly with attention-grabbing terms such as...more

312 Results
|
View per page
Page: of 13

Follow Privacy Updates on:

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×