Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:

HIPAA Refresher for Workplace Wellness Programs

Now more than ever, workplace wellness programs are becoming increasingly popular among employers. A common concern many employers have is how to design a meaningful workplace program intended to improve the health of...more

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

by Sherman & Howard L.L.C. on

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

Failure to Implement Business Associate Agreement Results in $31,000 Settlement For Health Care Provider

by Saul Ewing LLP on

On April 20, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Children’s Digestive Health (CDH) agreed to pay HHS $31,000 for its failure to have a business associate...more

An Opportunity to Shape Compliance with GDPR

by Hogan Lovells on

A close observer of the GDPR will have noticed that, in several places, individual EU Member States can implement derogations from the GDPR requirements. Of course, as a regulation under EU law there is less scope for local...more

HIPAA and the Cloud’s Shared Responsibility Models

by Snell & Wilmer on

Cloud-based service providers (CSPs), like Amazon Web Services and Microsoft Azure, offer online access to shared computing resources. As such, they have developed a “shared responsibility model” for how CSPs and companies...more

St. Jude Medical On Hot Seat for Cybersecurity Flaws in Home Monitoring System

The Food and Drug Administration (FDA) recently issued a warning letter to St. Jude Medical, alleging that it failed to properly investigate issues with the batteries in its defibrillator implants and for failing to fix the...more

Small Healthcare Provider Pays $31,000 for Failing to Have a Business Associate Agreement With File Storage Vendor

by Jackson Lewis P.C. on

Disclosing protected health information (PHI) to a business associate without a compliant business associate agreement (BAA) is an improper disclosure under the HIPAA privacy and security regulations. According to the HHS...more

Deeper Dive: Frequency and Severity

by BakerHostetler on

All industries are affected by cyberattacks, but how often and to what extent they occur vary greatly by industry type. As for frequency, the healthcare industry in 2016, for the third year in a row, saw the greatest...more

OCR Levies Hefty Fine Against FQHC

Showing no signs of letting up on enforcement actions, the Office for Civil Rights (OCR) late last week settled an investigation against Metro Community Provider Network (MCPN), a Colorado-based federally qualified health...more

March Sees an Uptick in Health Data Breaches

The monthly breach report issued by Protenus last week outlining data breaches that occurred in the month of March concludes that there was an “uptick in the number of health data breach incidents.”...more

Phishing Incident Leads to $400,000 HIPAA Settlement

by Saul Ewing LLP on

On April 12, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Metro Community Provider Network (MCPN) agreed to pay HHS $400,000 to settle alleged HIPAA Security Rule...more

FBI Warning on Cybercriminals Targeting FTP Servers to Compromise Protected Health Information

by Roetzel & Andress on

In March 2017, the Federal Bureau of Investigation (FBI) issued a Private Industry Notice (Notice) advising that the FBI is aware that cybercriminals are actively targeting File Transfer Protocol (FTP) servers in “anonymous”...more

Gone Phishin’: Hack Leads to HIPAA Settlement

While your business may indeed be a “victim” when hit by a phishing attack, your enterprise can also be responsible for violations of law associated with the incident. Earlier this week, the HHS Office for Civil Rights...more

Major League Baseball Wearable Tech Experiment Raises Athlete Privacy Issues

by King & Spalding on

On March 6, 2017, Major League Baseball (“MLB”) announced that it has officially approved a wearable biometric monitoring device (the “Device”) for in-game use by athletes. Created by WHOOP Inc. (“WHOOP”), the Device is the...more

$400,000 Settlement Highlights Need for Pre- and Post-Breach Safeguards

by Dickinson Wright on

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced another Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement. This one is with Metro Community Provider...more

ABCD Pediatrics Victim of Ransomware

ABCD Pediatrics, located in San Antonio, Texas, has notified the Office for Civil Rights that a ransomware cyber intrusion has resulted in access to its servers, including the protected health information (PHI) of its...more

OCR Urges Covered Entities and Business Associates to Use HTTPS

New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities. According to OCR, the...more

Washington University School of Medicine Victim of Phishing Attack

Another employee falls for a phishing attack. This time, it was an employee of the Washington University School of Medicine. The employee received a phishing email on December 2, 2016, and fell for what looked like a real...more

Privacy and the Internet of Medical Things: What’s a curmudgeon to do?

by Thompson Coburn LLP on

One of the authors of this piece uses a medical device that is wirelessly networked to the device’s vendor. The author recently received a text message from the vendor, sending “congratulations” for using the device for an...more

Geotargeting Medical Facilities? Massachusetts Says ‘No Snoop For You!’

by Morgan Lewis on

Geotargeting—delivering content to users based on their geographic location—has become a popular and effective marketing tool. Yet proper implementation may be more nuanced than originally contemplated because certain...more

Securing Protected Health Information: FBI Warning

by Burns & Levinson LLP on

HIPAA and the HITECH are federal laws that require the protection and security of confidential, protected health information (PHI) and personally identifiable information that is not necessarily health related. The federal...more

Apple's Secret Team Working on Diabetes Solution Through Wearables

by Taylor English Duma LLP on

Yesterday's news about Apple's secret effort to find the 'holy grail' for treating diabetes is just the tip of the iceberg. The data-mining and communications solutions that are made possible by the Internet will...more

Ten Years of Conditional Marketing Authorizations

by Jones Day on

The European Medicines Agency ("EMA") published a report ("EMA report") concerning the data collected over 10 years—between July 2006 and June 2016—on the so-called "conditional marketing authorizations" ("CMAs")....more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

Erie County Medical Center IT Systems Shut Down By Virus

Buffalo, New York Erie County Medical Center has announced that its IT system has been shut down since Sunday, April 11, 2017, due to an unnamed virus. The shut-down has affected the medical facility’s email system,...more
