Breach Notification Rule

News & Analysis as of

Time Waits for No One: OCR Announces First HIPAA Settlement for Lack of Timely Breach Notification

On Jan. 9, 2017, the Department of Health and Human Services Office for Civil Rights (“OCR”) announced the first HIPAA enforcement action for failure to timely report a breach. Often investigating and making formal...more

Failure to Timely Notify Results in Enforcement Action and Significant Settlement

For the first time, on January 9, 2017, the Department of Health and Human Services, Office for Civil Rights (HHS/OCR) settled a HIPAA enforcement action based on the untimely reporting of a breach of unsecured protected...more

Breach of Privacy Prompts Breach of Etiquette: DHHS Sets New Precedent in Privacy Breach Enforcement

On January 9, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) took action against a health system for non-timely reporting of a breach of protected health information. It was the first...more

Time is of the Essence When Reporting a Breach of PHI

The failure to timely report a breach of unsecured protected health information (PHI) has cost Presence Health (one of the largest health systems in Illinois) almost half of a million dollars. Earlier this month,...more

Three-Month Delay Means Health Network Must Pay

A delay in reporting a HIPAA violation can result in a significant monetary penalty. That was the message sent by the Office for Civil Rights (OCR), which recently announced the first HIPAA settlement based on the untimely...more

Cyber Alert: 2016 Breach Roundup, Part II: U.S. and EU Data Breach Notification Regulations Highlights and Trends

Frameworks requiring breach notifications of various kinds significantly expanded in scope in 2016 at both the state and federal levels. However, at least in the U.S., some of the new federal requirements may not be in place...more

Massachusetts Data Breach Notification History Now Available Online

The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) has published an online list of data breach notifications issued each year to Massachusetts residents since 2007, the inception of the...more

Massachusetts Breach Notifications Will Now Be Publicly Available Online

On Jan. 3, 2017, the Massachusetts Office of Consumer Affairs and Business Regulation announced that it will begin making its data breach notification archive publicly available online. Previously, data breach notifications...more

Three States Join Others to Expand Personal Information Definition to Include Usernames or Email Addresses

Businesses should take steps to protect usernames, email addresses, passwords, and security questions and answers. A key issue in determining whether notification is required following a data breach is whether...more

International Employers in Scope of the GDPR: Are You Ready?

The GDPR harmonizes data protection laws across the EU and updates the current 20-year-old regime to take account of globalization and the ever-changing technology landscape. It will apply not only to EU companies, but to...more

Chairman Wheeler to Leave FCC Jan. 20

Today, FCC Chairman Tom Wheeler confirmed that he will resign effective January 20, 2017, Inauguration Day. With Commissioner Rosenworcel unlikely to be confirmed for a new term, this would leave the FCC with two Republicans...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

FCC’s Final Privacy Rule – How Final Is It?

The Federal Communications Commission (FCC) adopted an order on Oct. 27, 2016, which started to go into effect this month, regarding privacy and data security obligations for broadband internet access service (BIAS) providers...more

Broadband Privacy Rules Published, FCC Stakes Out Role as Privacy Cop

On December 2, 2016, the FCC’s Broadband Privacy Report and Order (“Order”) was published in the Federal Register, triggering the 30-day deadline for petitions for reconsideration, and the effective dates for certain new...more

Broadband Privacy Rules Hit the Federal Register, Triggering Effective Dates

On December 2, 2016, a notice and summary of the Federal Communications Commission’s (FCC’s) controversial Broadband Privacy Order (the Order) was published in the Federal Register. The Order imposes comprehensive privacy...more

The Clock Has Started: What ISPs Need to Do and When to Comply with the FCC’s Broadband Privacy Rules

On December 2, 2016, the Federal Communications Commission (“FCC”) published its Report and Order entitled “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (the “Order”) as a final rule...more

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

Compliance Clock Begins to Tick for BIAS Providers Following Publication of Privacy Rules in the Federal Register

The FCC’s new privacy rules were published in the Federal Register last Friday, December 2, 2016. The publication of these rules initiates the period in which broadband ISPs must come into compliance with the agency’s...more

HHS Issues Warning About Phishing Campaign Disguised As Official Communication

As part of its efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) engages in audits of covered...more

What to Expect From the Trump FCC

In the days since the recent election, many tech, media and telecom industry observers remain unsure of what to expect from the Federal Communications Commission under the Trump administration. Fortunately, there are some...more

More on HIPAA Audits for 2016 and 2017–Desk Audits and On-Site Audits

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more

Data Security and Breach Notification Requirements of New FCC Privacy Order May Present Immediate Implementation Challenges for...

As ISPs continue to absorb the scope of the FCC’s recent Privacy Order (the “Order”), one immediate question presents itself: what steps must ISPs take to begin implementing the data security and breach notification...more

BIAS Rules: New FCC Regulations on Broadband Customer Privacy

On October 27, 2016, the Federal Communications Commission (“FCC” or “Commission”) adopted sweeping new privacy rules applicable to all telecommunications providers including broadband internet access service (“BIAS”) and...more

FCC’s Broadband Privacy Order: Dead on Arrival?

The Federal Communications Commission recently released an order containing new privacy protections for customers of broadband internet access service (BIAS) providers, which was adopted by a 3-2 vote along partisan lines. In...more

Hotly Anticipated Broadband Privacy Order Released by FCC

On Nov. 2, 2016, the FCC released its long-awaited broadband privacy Order and rules by a 3-2 vote. The Order comes nearly 18 months after the Commission moved to reclassify broadband internet access service (“BIAS”) as a...more

446 Results
|
View per page
Page: of 18
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×