Science, Computers & Technology › Administrative Law › Privacy

Emails and Text Messages On Personal Devices Subject to Public Records Act - Judge’s Ruling Demonstrates Risk to Public Agencies;...

A Santa Clara County Superior Court judge recently ruled that emails and text messages concerning city business but stored on a public official’s personal device are subject to the Public Records Act (PRA). The PRA request at...more

Capper, Dir of National Intelligence, et al v. Amnesty International USA et al

SCOTUS Dismisses Federal Wiretapping Challenge

Full text copy of Supreme Court's dismissal of lawsuit challenging federal wiretapping program. On Tuesday, February 26, 2013, a divided Court dismissed a challenge to the FISA Amendments Act, which permits federal...more

EU Proposed Directive on Network and Information Security

On 7 February, the European Commission (EC) published an EU Cyber Security Strategy encompassing a proposed Directive on Network and Information Security (NIS Directive). The aim of the Strategy and NIS Directive is to...more

HIPAA Omnibus Final Rule - What's in it for Patients?

The Final Rule offers significant changes to patient rights and patient protections. (There is much more to the rule, but other aspects are not addressed in this post. Here you may find a link to the HIPAA Omnibus Rule, a...more

Finally! HHS Office of Civil Rights Releases HIPAA Omnibus Rule With Sweeping Changes to Compliance Requirements and Enforcement

The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more

Health Law Blog: Final HIPAA Rules Released

Yesterday, the U.S. Department of Health and Human Services (HHS) released the long-awaited final rules implementing changes to the HIPAA privacy and security rules enacted in 2009 by the HITECH Act....more

The HIPAA/HITECH Final Rule Has Been Released

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

Brace for Impact – Final HITECH Rules Will Require Substantially More Breach Reporting

HHS has finally issued its omnibus HITECH Rules. Our firm will issue a comprehensive summary of the rules shortly, but of immediate import is the change to the breach reporting harm threshold. The modification will make it...more

Hospitals Need To Focus On Data Privacy And Security

To restate the obvious, hospitals operate in a risky environment. They face a variety of risks and a blanket of government regulations. You have to admire the Chief Compliance Officer at a hospital. They learn to live with...more

Hospitals Need To Focus On Data Privacy And Security

To restate the obvious, hospitals operate in a risky environment. They face a variety of risks and a blanket of government regulations. You have to admire the Chief Compliance Officer at a hospital. They learn to live with...more

Telecommunications in the 113th Congress

The 112th Congress saw a lot of activity focused on new and changing technologies, but few legislative breakthroughs. Early in the year, there was significant activity around intellectual property and online piracy issues,...more

First HHS OCR Settlement for HIPAA Breach Involving Less Than 500 Patients Sends Message to Providers

On January 2, 2013, HHS announced that the Hospice of North Idaho (HONI) agreed to pay $50,000 and enter into a Corrective Action Plan (CAP) as part of a settlement involving a breach of unsecured electronic protected health...more

Recent Privacy Developments: California AG Continues to Lead on Mobile with New Recommendations and FTC Amends COPPA

Nearly all businesses today are involved in some way in the development or distribution of mobile applications. The first part of this Client Alert highlights recent activities of the California State Attorney General to...more

California Attorney General Announces Privacy Recommendations for Mobile Apps and the Mobile Industry

Yesterday Kamala Harris, California's Attorney General, issued Privacy on the Go: Recommendations for the Mobile Ecosystem. The report and recommendations are intended to encourage app developers and others in the mobile...more

Too Important to Lose? Draft Executive Order on Cybersecurity and Critical Infrastructure Reaches New Industries

A November 8, 2012 blog post entitled “Post-Election Cybersecurity” analyzed a draft Executive Order on critical infrastructure cybersecurity. A newer version, dated November 21, 2012, is similar to the prior version with...more

Privacy in Latin America

Originally published in Privacy & Security Law Report on January 7, 2013. The privacy landscape in Latin America is undergoing significant changes. With the enactment or implementation of laws in Colombia, Costa Rica,...more

Audits, Audits And More Audits: Life In The Healthcare Industry

Healthcare suppliers and service providers live in a regulated world. They are constantly under audit scrutiny. Sometimes federal agencies (i.e private contractors) conduct the audits; other times state agencies conduct the...more

California’s Attorney General Releases Privacy Recommendations for Mobile Apps

California’s Attorney General released, on January 10, 2013, a lengthy set of recommended privacy practices aimed at app developers, app platform providers, mobile ad networks, operating system developers, and mobile...more

Getting the Best Medical Care: a Newsletter from Patrick Malone - January 2013

In This Issue: - Six Things to Think About as Technology Advances - For More Information - Recent Health Care News You Should Know About - Check Out Our Previous Tips - Deep Thoughts for the New Year: Ethical...more

Birmingham Medical News: Make A New Year's Resolution To Review And Update Your Corporate Compliance Plan

Originally published in Birmingham Medical News, on January 7, 2013. Around this time each year, I like to remind my clients about matters they can address at the beginning of each year--a New Year's Resolution for the...more

First-Ever HIPAA Settlement Involving Fewer Than 500 Patients Announced

On January 2, 2013, the U.S. Department of Health and Human Services (HHS) announced a settlement with the Hospice of North Idaho (HONI) for potential HIPAA violations....more

OCR Reaches $50,000 Settlement with Hospice for Small Data Breach

Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more

Guidance on De-Identified Protected Health Information Offers In-depth Instruction on Technical Issues

The HITECH Act required the Secretary of Health and Human Services to publish a number of “Guidance” documents to inform the health care industry and its advisors about practical aspects of HIPAA compliance and HITECH...more

New Draft Regulations Soften Impact of CASL, but Concerns about Jobs and Compliance Costs Remain

Revised draft regulations under Canada’s anti-spam legislation (CASL) have been issued by Industry Canada. While the draft regulations provide some relief to businesses, Industry Canada has elected not to address concerns...more

Are Your Mobile Devices HIPAA Compliant? Practical Steps to Ensure Compliance

Mobile device use is becoming more commonplace in health care. Health care professionals use text messaging to communicate with each other about patient status. Medical schools now provide residents tablets to use as...more