Breach Notification Rule

News & Analysis as of

20 Days Left to File Your Annual HIPAA Breach Report

Did your organization experience a HIPAA breach involving fewer than 500 individuals in 2015? If so, remember to submit your mandatory report to the Secretary of HHS no later than February 29, 2016, through the online breach...more

Deadline for Reporting “Small” 2015 HIPAA Breaches Approaching

For those covered entities who experienced one or more HIPAA breaches involving less than 500 individuals during the calendar year 2015, the deadline for reporting those breaches to the Secretary of the U.S. Department of...more

Privacy vs. Data Security: Why Plaintiffs in Consumer Data Breach Cases Still Have a Long Way to Go

The year 2005 really marked the beginning of the “era of data breaches,” and with it, the “era of data breach lawsuits.” The ChoicePoint data breach in late 2004, which first became newsworthy in early 2005, was the catalyst....more

Laws Governing Data Security and Privacy – U.S. Jurisdictions at a Glance (updated for 2016)

The chart blow constitutes a summary of the laws of various jurisdictions that govern data breach notifications. Please see full Publication below for more information. ...more

New Cybersecurity Law – Are You Prepared?

On December 18, 2015, President Obama signed into law the Cybersecurity Act of 2015. Beginning at Division N, Public Law 114-113 deals with cyber threats and includes the means and methods by which the private sector may...more

Legal Trends: Cybersecurity

New privacy torts have recently emerged in certain Canadian jurisdictions, including intrusion upon seclusion and publicity given to private life. Intrusion upon seclusion allows a plaintiff to sue if (1) a person has...more

A Primer on the GDPR: What You Need to Know

Now that it’s been approved by the EU Parliament’s Civil Liberties Committee, Europe’s General Data Protection Regulation (the “GDPR” or the “Regulation”) is well on its way to replacing the 20-year-old Data Protection...more

Gavel to Gavel: Data Breaches

While every business owner should understand the importance of protecting the personal information of customers and employees, the legal obligations resulting from a data breach may not always be clear. Originally...more

EU Cyber Security Directive (CSD) Introduces Cross Sector Data Breach Notification

The European Parliament, the Council and the Commission have agreed on the first EU-wide legislation on cybersecurity. Under the new measure, internet companies such as Google, Amazon, eBay and Cisco, but not social...more

Triple-S Management Corporation Will Pay $3.5 Million To Settle Potential HIPAA Violations

On November 30, 2015, the United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced that Triple-S Management Corporation had agreed to pay $3.5 million to settle potential violations of...more

EU Institutions Adopt First Pan-European Legislation on Cybersecurity

On December 7, 2015, after more than two years of legislative consideration, the European Union adopted the Directive on Network and Information Security (“NIS Directive”). Under the NIS Directive, operators of essential...more

Australia’s Proposed Data Breach Notification Law: What’s The Harm In A “Real Risk of Serious Harm” Standard?

Last week, the government of Australia released an “Exposure Draft” of a bill that, if passed into law, would amend Australia’s Privacy Act to require notification to the government and affected individuals in the event of a...more

Blog: University of Rochester Medical Center Reaches Agreement to Settle Alleged HIPAA Breach

Last week, the University of Rochester Medical Center (URMC) reached agreement with the New York Office of the Attorney General (NYOAG) to settle alleged violations of the Health Insurance Portability and Accountability Act...more

Alert: California and the EU’s Changing Privacy Laws

Privacy law has traditionally focused on an individual’s right to privacy vis-à-vis a government’s physical intrusion. Privacy law, however, has morphed in recent years to address concerns of the digital age, including data...more

California Amends Breach Notification Law: Unique New Refinements and Requirements

The California legislature has again amended the state’s breach notification statutes to impose new and unique requirements and refinements, adding further complexity to the patchwork of breach notification requirements....more

Potential Data Breach Could Affect Over 1,000 Medicaid Patients

The confidential health information of 1,615 Medicaid patients may have been compromised by the North Carolina Department of Health and Human Services (NC DHHS) on August 19, 2015, though the fact that this potential breach...more

NAIC Cybersecurity Task Force Adopts Cybersecurity Bill of Rights

On October 14, 2015, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force adopted the Cybersecurity Bill of Rights, a document meant to inform consumers of the services they can expect from...more

Recent Amendments to Security Breach Notification Laws Further Complicate Breach Notification for Employers

It is not a matter of "if" but "when" an employer will be required to notify employees of a security breach.  Forty-seven states require employers to notify employees when defined categories of personal information, including...more

NAIC Adopts Cybersecurity Bill of Rights

The National Association of Insurance Commissioners (“NAIC”) continued its efforts to advance cybersecurity in the insurance industry when it recently adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights...more

CFTC Approves NFA Interpretive Notice on Information Systems Security Programs, Including Cybersecurity Guidance

The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

California Expands Data Breach Notification Requirements

On October 6, 2015, California Governor Jerry Brown signed into law three bills, A.B. 964, S.B. 570, and S.B. 34, expanding the requirements of California’s data breach notification law. The new requirements will become...more

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

California Does It Again – Data Breach Notification Requirements

California adopted the first breach notification statute in the nation, and prides itself at being in the forefront of consumer privacy and security issues. On October 6, 2015, for the third time in the past three years,...more

Employee Health Information: Separate and Secure

There are several reasons an employer might have employee health information, ranging from the results of a pre-employment physical to the contents of a request for FMLA leave to what’s written in a health provider’s note...more

293 Results
|
View per page
Page: of 12

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×