Breach Notification Rule

News & Analysis as of

California Amends Breach Notification Law: Unique New Refinements and Requirements

The California legislature has again amended the state’s breach notification statutes to impose new and unique requirements and refinements, adding further complexity to the patchwork of breach notification requirements....more

Potential Data Breach Could Affect Over 1,000 Medicaid Patients

The confidential health information of 1,615 Medicaid patients may have been compromised by the North Carolina Department of Health and Human Services (NC DHHS) on August 19, 2015, though the fact that this potential breach...more

NAIC Cybersecurity Task Force Adopts Cybersecurity Bill of Rights

On October 14, 2015, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force adopted the Cybersecurity Bill of Rights, a document meant to inform consumers of the services they can expect from...more

Recent Amendments to Security Breach Notification Laws Further Complicate Breach Notification for Employers

It is not a matter of "if" but "when" an employer will be required to notify employees of a security breach.  Forty-seven states require employers to notify employees when defined categories of personal information, including...more

NAIC Adopts Cybersecurity Bill of Rights

The National Association of Insurance Commissioners (“NAIC”) continued its efforts to advance cybersecurity in the insurance industry when it recently adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights...more

CFTC Approves NFA Interpretive Notice on Information Systems Security Programs, Including Cybersecurity Guidance

The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

California Expands Data Breach Notification Requirements

On October 6, 2015, California Governor Jerry Brown signed into law three bills, A.B. 964, S.B. 570, and S.B. 34, expanding the requirements of California’s data breach notification law. The new requirements will become...more

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

California Does It Again – Data Breach Notification Requirements

California adopted the first breach notification statute in the nation, and prides itself at being in the forefront of consumer privacy and security issues. On October 6, 2015, for the third time in the past three years,...more

Employee Health Information: Separate and Secure

There are several reasons an employer might have employee health information, ranging from the results of a pre-employment physical to the contents of a request for FMLA leave to what’s written in a health provider’s note...more

California Updates Data Breach Notification Statute

Three bills that will update California’s data breach notification requirements have been signed into law by Governor Jerry Brown. The bills impose specific requirements on providing breach notification to consumers, add a...more

Alert: New Department of Defense Regulations Mandate the Reporting of Cyber Incidents

The Department of Defense (DoD) has published regulations that require DoD contractors to report cyber incidents impacting unclassified DoD contractor systems. The new regulations mandate compliance with elements of the...more

California Beefs Up Encryption & Notice in Data Breach Law

On October 8, 2015, California Governor Jerry Brown signed A.B. 964 and S.B. 570 into law, a pair of bills that amended the Golden State’s data breach notification statute (Ca. Civ. Code § 1798.82). The amendments...more

The FTC’s Broad Authority and FTC v. Wyndham: Thinking about the Future of Data Privacy Regulations

What makes data privacy law interesting for academics, challenging for lawyers, and frustrating for businesses its shape-shifting structure in the face of rapidly changing technology. The recent change in the invalidation of...more

California Enacts Three Bills Amending Breach Notification Statute

Last week, California Governor Jerry Brown signed into law three bills that revise California’s data breach notification statute. The bills, which take effect January 1, 2016, establish specific formatting requirements for...more

California Updates its Data Breach Notice Statute (Again)—What You Need to Know

On October 6, California Governor Jerry Brown signed legislation updating California’s data breach notice statute for the third time in three years.  The news was quickly overshadowed by the CJEU’s decision invalidating the...more

California Governor Signs Law Amending Civil Code Privacy Provisions

On October 6, Governor Jerry Brown (D-CA) signed into law AB 964/Chapter 522, which, among other things, defines “encrypted” as it pertains to data breach notification requirements for business and public agencies....more

California Amends Its Breach Notification Statute

For the third time in as many years, California has once again amended its breach notification statute. This time it expanded the definition of “personal information,” clarified the term “encryption,” and mandated additional...more

California Updates Data Breach Notification Statute; Provides Model Notification Form

On October 6, California Governor Jerry Brown signed into law two different updates to California’s data breach notification statute. Both updates will become effective on January 1, 2016....more

OIG Reports Insufficient Oversight Of HIPAA Compliance

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

California Amends Definition of Personal Identifiable Information and Breach Notification Content Requirements

On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more

Privacy Tip #4—What do I do when I get a letter informing me of a data breach?

We’ve all gotten them–the dreaded letter that informs us that our data has been compromised, including our Social Security number. Some have received so many of these “notifications” that they are de-sensitized, throw their...more

New challenges created by China’s new draft cybersecurity law

In July 2015, China released its new draft cybersecurity law (the ‘Law’), which will potentially have far-reaching consequences for network operators and companies doing business in China....more

EXPECT FOCUS: Onboard Technology, NAIC Cybersecurity, DOL, ACA Litigation, SEC Regulation (Vol. III, Summer 2015)

In This Issue: IN THE SPOTLIGHT - - Your Data Breach Collided With My Personal Injury Coverage LIFE INSURANCE - - Phantom Injury Dooms “Shadow Insurance” Case - Latest NAIC Cybersecurity News - A...more

281 Results
View per page
Page: of 12

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.