Privacy Health Consumer Protection

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Additional Clarification regarding HHS OCR Phishing Email Alert

More information from HHS OCR about the phishing threat... ..On November 28, 2016, the HHS Office for Civil Rights issued a listserv announcement warning covered entities and their business associates about a phishing...more

OCR Provides Additional Clarification on Phishing Scam

As we reported earlier this week, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights described a phishing campaign that is attempting to convince recipients of their inclusion in OCR’s Phase 2...more

HHS OCR Alert: Phishing Email Disguised as Official OCR Audit Communication

This alert just in from HHS OCR: “It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to...more

OCR Warns of Phishing Campaign Disguised as Official OCR Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Monday describing a phishing campaign disguised as an email from OCR. The email is being circulated on mock HHS...more

FTC Announces New Guidance on Ransomware

On November 10, 2016, the U.S. Federal Trade Commission (FTC) released new guidance for businesses and consumers on the impact of, and how to respond to ransomware. Ransomware is a form of malicious software that infiltrates...more

More on HIPAA Audits for 2016 and 2017–Desk Audits and On-Site Audits

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more

Cybersecurity 2017 – The Year In Preview: HIPAA Compliance

Editor’s Note: This is the third in a continuing end-of-year series. The year ahead promises to be a busy one for those with responsibility for HIPAA compliance, as the Office of Civil Rights (OCR), charged with...more

OCR Guidance Underscores Importance of Authentication under HIPAA

In its tenth OCR Cyber Awareness Newsletter of the year (Newsletter), the Office for Civil Rights (OCR) reminded HIPAA-covered entities and business associates of the importance of selecting an appropriate authentication...more

OCR Reminds Companies that Authentication is Key

In non-election news, the Office for Civil Rights (OCR) at the Department of Health and Human Services recently released its November Cyber Awareness Newsletter. This month’s newsletter focuses on the topic of...more

2016 Security of Things® Forum

The third annual Security of Things® Forum (SECOT) in Cambridge, Massachusetts fostered discussion on a variety of cyber-security related topics ranging from a standards-based approach to security connected devices to...more

Confusing Joint Guidance published by OCR and FTC on HIPAA Authorization Forms

There are arguments that there is a dearth of guidance by both the Office for Civil Rights (OCR) and Federal Trade Commission (FTC), so when guidance comes out, we listen. But the most recent guidance jointly issued by the...more

Into the Cloud: New Guidelines for HIPAA Covered Entities and Business Associates

The advent of cloud computing has raised questions about how companies subject to HIPAA can take advantage of the technology while still complying with their privacy and security obligations under federal law. In response,...more

CMS Releases the First Comprehensive Overhaul of Nursing Home Conditions of Participation in Over 25 Years

On October 4, 2016, the Center for Medicare and Medicaid Services (CMS) published a final rule to revise the requirements that Long-Term Care facilities must meet to participate in the Medicare and Medicaid programs. CMS...more

Federal Court Finds That 2015 TCPA Safe Harbor Applies to Automated Flu Shot Reminders

A recent decision from a federal court in California found that a retail pharmacy’s “flu shot reminder” calls to mobile phones fall within the FCC’s TCPA safe harbor for exigent health care treatment messages. But the holding...more

Sharing Consumer Health Information? Look to HIPAA and the FTC Act

Does your business collect and share consumer health information? Check out these tips from the FTC for complying with HIPAA and the FTC Act....more

HHS-OCR Announces Guidance On HIPAA Compliance And Cloud Computing

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more

FTC Bureau Director Highlights Continuing Health-Related Enforcement, Homeopathic Guidance, and ROSCA at NAD Conference

Jessica Rich, Director of the FTC’s Bureau of Consumer Protection, highlighted the agency’s enforcement priorities at the National Advertising Division’s annual conference earlier this week. Key mentions included the...more

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

LabMD Seeks To Stay FTC Decision Related To Evidence Of Consumer Harm Pending Appeal

LabMD—a medical testing lab that, the Federal Trade Commission (“FTC”) alleged, exposed consumer personal information through a peer-to-peer (“P2P”) file-sharing network—is now seeking a stay pending its appeal of the FTC’s...more

September Privacy and Security Updates

Although National Cyber Security Month isn’t until October, September has brought plenty of privacy and security updates that health care companies need to be aware of. In this post, we review guidance from the Office for...more

Don’t Ignore Ransomware Vulnerabilities; You Could Be Violating FTC Act

Last week, the Federal Trade Commission convened a ransomware workshop to discuss the rising epidemic of attacks against U.S. businesses and individuals. In a ransomware attack, a malicious actor tricks a user into...more

Sixth Circuit Denies Seal of Approval for Unjustified Filings Under Seal

Litigants and third parties subpoenaed to produce information in litigation who believe that information that they deem confidential will not ever become part of the public record so long as a discovery protective order is in...more

"Privacy & Cybersecurity Update - August 2016"

In this edition of our Privacy & Cybersecurity Update, we highlight guidance issued by the Irish data protection authority regarding the use of location data, as well as the FTC's request for comment on its Standards for...more

OCR: No privacy breach is too small

The Office for Civil Rights (OCR) HIPAA enforcement efforts are continuing to increase. This year, the OCR has already announced 10 HIPAA enforcement actions involving fines, which is a 67 percent increase from last year and...more

OCR to Focus More Investigative Resources on Smaller HIPAA Breaches with Less Than 500 Individuals Affected

The Department of Health & Human Services (DHHS) Office of Civil Rights (OCR) recently announced it will devote more resources to investigate smaller HIPAA breaches. Before this announcement, OCR typically opened...more

548 Results
|
View per page
Page: of 22

Follow Privacy Updates on:

JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×