News & Analysis as of

Covered Entities

Rite Aid Wins Summary Judgment in TCPA Action Involving Prerecorded, Automated Call for Flu Shot Reminder

In an outright win for pharmacies, the U.S. District Court for the Southern District of New York, in the attached opinion, granted Rite Aid’s motion for summary judgment in a class action alleging violations of the TCPA....more

First HIPAA Settlement Involving a Wireless Health Services Provider

by Saul Ewing LLP on

?On April 24, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that CardioNet, Inc. (CNI) agreed to pay $2.5 million and enter into a Corrective Action Plan (CAP) to settle...more

It’s Just Plain Risky Not to Do A Risk Analysis: Recent OCR Settlement One of Several Resulting from Failure to Analyze and...

by Williams Mullen on

On April 12, 2017, the Office for Civil Rights (“OCR”) announced a settlement and corrective action plan with a Colorado federally-qualified health center, Metro Community Provider Network (“MCPN”), after a 2012 breach of...more

Health Care Group News: OCR Published Three HIPAA Settlements in Two Weeks, Signaling a Ramp Up of HIPAA Enforcement Activity

by Murtha Cullina on

Providers Beware: OCR Published Three HIPAA Settlements in Two Weeks, Signaling a Ramp Up of HIPAA Enforcement Activity: Make sure risk assessments, business associate agreements and policies & procedures are in place...more

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

by Sherman & Howard L.L.C. on

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

Failure to Implement Business Associate Agreement Results in $31,000 Settlement For Health Care Provider

by Saul Ewing LLP on

On April 20, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Children’s Digestive Health (CDH) agreed to pay HHS $31,000 for its failure to have a business associate...more

New York Department of Financial Services Provides Guidance on Cybersecurity Regulation; Colorado Financial Regulator Proposes...

In April 2017, the New York Department of Financial Services (the “DFS”) released guidance on interpreting 23 NYCRR Part 500, its recently promulgated regulation that requires banks, insurance companies and other financial...more

Fate Uncertain for HHS’s Extension of ACA Discrimination Protections to Abortion & Gender Transition

by Genova Burns LLC on

In May 2016 HHS issued a final rule implementing the Affordable Care Act’s Section 1557 nondiscrimination provision, which applies to recipients of funding from HHS. The rule prohibits discrimination on the basis of gender...more

OCR Urges Covered Entities and Business Associates to Use HTTPS

New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities. According to OCR, the...more

Securing Protected Health Information: FBI Warning

by Burns & Levinson LLP on

HIPAA and the HITECH are federal laws that require the protection and security of confidential, protected health information (PHI) and personally identifiable information that is not necessarily health related. The federal...more

Alert: New York Wants Its Cybersecurity Regulation to Reach Nationwide

by Cooley LLP on

On April 9, 2017, Maria Vullo, the New York Department of Financial Services (NYDFS) superintendent, pronounced to state insurance commissioners that New York's new cybersecurity regulation could be the model for other...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

HIPAA Guidance Issued on Man-In-The-Middle Attacks

by McGuireWoods LLP on

Last week, the Office of Civil Rights (OCR) issued guidance on securing end-to-end communications for sensitive information transmitted between parties over the internet. The OCR warns against “man-in-the-middle” (MITM)...more

Recent HIPAA Privacy and Security Settlements and Lessons Learned

by Perkins Coie on

Although the fate of the Affordable Care Act remains undecided, enforcement of the HIPAA privacy and security regulations by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services is ongoing,...more

OCR Identifies Continuing HIPAA Enforcement Issues, Areas of Future Guidance and Regulations

Last week the Health Care Compliance Association hosted its annual “Compliance Institute.” Iliana Peters, HHS Office for Civil Rights’ Senior Advisor for HIPAA Compliance and Enforcement, provided a thorough update of HIPAA...more

2017 HIPAA Enforcement: New Settlements and Penalties Already Total Over $11,000,000

by Williams Mullen on

In our last post, we highlighted the 2016 settlements between the Office for Civil Rights (OCR) and various covered entities (and business associates), in one of OCR’s most active years. As of now, 2017 is proving to be on...more

HHS Expected to Release Significant HIPAA Privacy Guidance This Year; Compliance Audits Proceed; Guide on Compliance Program...

by WilmerHale on

HIPAA privacy guidance, audits, and enforcement are continuing under the new Administration. On March 27, 2017, Iliana Peters, Senior Adviser for HIPAA Compliance and Enforcement at the US Department of Health and...more

New York Makes Cybersecurity Rule Covering the Financial Services Industry Final; Sets Transitional Periods for Compliance

by Bryan Cave on

Last month the New York Department of Financial Services (NYDFS) released its final rule requiring banks, insurance companies, other financial institutions, and individuals regulated by the agency to maintain a written...more

A New FBI Warning for Healthcare Providers

The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more

New York Cybersecurity Regulations: What Do They Mean and When Do They Mean it By?

by Morrison & Foerster LLP on

The New York State Department of Financial Services (NYDFS) has released guidance for covered financial institutions regarding its cybersecurity rule (the “Cybersecurity Rule” or “Rule”) that took effect on March 1, 2017. ...more

340B Program Ceiling Price and CMP Final Rule Delayed Until May 22

by Hogan Lovells on

On 20 March 2017, the Health Resources and Services Administration (HRSA) published an Interim Final Rule (IFR) delaying the effective date of the 340B Ceiling Price and Civil Monetary Penalties (CMP) Rule (the Final Rule)...more

HIPAA Checkup – How Good Are Your Policies and Procedures?

by Snell & Wilmer on

Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more

NYDFS Cybersecurity Regulations Compliance Guide: Applicability, Exemptions and Penalties

by White & Case LLP on

As discussed in our March 1, 2017 update,1 the New York Department of Financial Services ("NYDFS") issued final regulations that require New York banks and insurance companies, as well as other financial services companies...more

NY DFS Publishes Final Cybersecurity Rules for Financial Services Companies 

On March 1, 2017, the New York Department of Financial Services (the DFS) published a notice of adoption of its final cybersecurity regulation (the Final Regulation). The regulation was first announced with much fanfare by...more

New York Department of Financial Services Implements New “First-in-the-Nation” Cybersecurity Regulations

by Blank Rome LLP on

As of March 1, 2017, New York financial institutions subject to the oversight of the New York Department of Financial Services (“DFS”) are required to comply with a new cybersecurity regulatory scheme. Compliance deadlines...more

672 Results
|
View per page
Page: of 27
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!