News & Analysis as of

Covered Entities

Failure to Implement Business Associate Agreement Results in $31,000 Settlement For Health Care Provider

by Saul Ewing LLP on

On April 20, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Children’s Digestive Health (CDH) agreed to pay HHS $31,000 for its failure to have a business associate...more

New York Department of Financial Services Provides Guidance on Cybersecurity Regulation; Colorado Financial Regulator Proposes...

In April 2017, the New York Department of Financial Services (the “DFS”) released guidance on interpreting 23 NYCRR Part 500, its recently promulgated regulation that requires banks, insurance companies and other financial...more

Fate Uncertain for HHS’s Extension of ACA Discrimination Protections to Abortion & Gender Transition

by Genova Burns LLC on

In May 2016 HHS issued a final rule implementing the Affordable Care Act’s Section 1557 nondiscrimination provision, which applies to recipients of funding from HHS. The rule prohibits discrimination on the basis of gender...more

OCR Urges Covered Entities and Business Associates to Use HTTPS

New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities. According to OCR, the...more

Securing Protected Health Information: FBI Warning

by Burns & Levinson LLP on

HIPAA and the HITECH are federal laws that require the protection and security of confidential, protected health information (PHI) and personally identifiable information that is not necessarily health related. The federal...more

Alert: New York Wants Its Cybersecurity Regulation to Reach Nationwide

by Cooley LLP on

On April 9, 2017, Maria Vullo, the New York Department of Financial Services (NYDFS) superintendent, pronounced to state insurance commissioners that New York's new cybersecurity regulation could be the model for other...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

HIPAA Guidance Issued on Man-In-The-Middle Attacks

by McGuireWoods LLP on

Last week, the Office of Civil Rights (OCR) issued guidance on securing end-to-end communications for sensitive information transmitted between parties over the internet. The OCR warns against “man-in-the-middle” (MITM)...more

Recent HIPAA Privacy and Security Settlements and Lessons Learned

by Perkins Coie on

Although the fate of the Affordable Care Act remains undecided, enforcement of the HIPAA privacy and security regulations by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services is ongoing,...more

OCR Identifies Continuing HIPAA Enforcement Issues, Areas of Future Guidance and Regulations

Last week the Health Care Compliance Association hosted its annual “Compliance Institute.” Iliana Peters, HHS Office for Civil Rights’ Senior Advisor for HIPAA Compliance and Enforcement, provided a thorough update of HIPAA...more

2017 HIPAA Enforcement: New Settlements and Penalties Already Total Over $11,000,000

by Williams Mullen on

In our last post, we highlighted the 2016 settlements between the Office for Civil Rights (OCR) and various covered entities (and business associates), in one of OCR’s most active years. As of now, 2017 is proving to be on...more

HHS Expected to Release Significant HIPAA Privacy Guidance This Year; Compliance Audits Proceed; Guide on Compliance Program...

by WilmerHale on

HIPAA privacy guidance, audits, and enforcement are continuing under the new Administration. On March 27, 2017, Iliana Peters, Senior Adviser for HIPAA Compliance and Enforcement at the US Department of Health and...more

New York Makes Cybersecurity Rule Covering the Financial Services Industry Final; Sets Transitional Periods for Compliance

by Bryan Cave on

Last month the New York Department of Financial Services (NYDFS) released its final rule requiring banks, insurance companies, other financial institutions, and individuals regulated by the agency to maintain a written...more

A New FBI Warning for Healthcare Providers

The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more

New York Cybersecurity Regulations: What Do They Mean and When Do They Mean it By?

by Morrison & Foerster LLP on

The New York State Department of Financial Services (NYDFS) has released guidance for covered financial institutions regarding its cybersecurity rule (the “Cybersecurity Rule” or “Rule”) that took effect on March 1, 2017. ...more

340B Program Ceiling Price and CMP Final Rule Delayed Until May 22

by Hogan Lovells on

On 20 March 2017, the Health Resources and Services Administration (HRSA) published an Interim Final Rule (IFR) delaying the effective date of the 340B Ceiling Price and Civil Monetary Penalties (CMP) Rule (the Final Rule)...more

HIPAA Checkup – How Good Are Your Policies and Procedures?

by Snell & Wilmer on

Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more

NYDFS Cybersecurity Regulations Compliance Guide: Applicability, Exemptions and Penalties

by White & Case LLP on

As discussed in our March 1, 2017 update,1 the New York Department of Financial Services ("NYDFS") issued final regulations that require New York banks and insurance companies, as well as other financial services companies...more

NY DFS Publishes Final Cybersecurity Rules for Financial Services Companies 

On March 1, 2017, the New York Department of Financial Services (the DFS) published a notice of adoption of its final cybersecurity regulation (the Final Regulation). The regulation was first announced with much fanfare by...more

New York Department of Financial Services Implements New “First-in-the-Nation” Cybersecurity Regulations

by Blank Rome LLP on

As of March 1, 2017, New York financial institutions subject to the oversight of the New York Department of Financial Services (“DFS”) are required to comply with a new cybersecurity regulatory scheme. Compliance deadlines...more

Trio of Bills Would Impose Human Trafficking Obligations on Lodging Industry

by Fisher Phillips on

A trio of bills introduced recently in the California Legislature seek to involve the lodging industry in efforts to combat human trafficking. Assembly Bill 260 by Assemblymember Miguel Santiago (D-Los Angeles) would...more

New York Department of Financial Services Cybersecurity Regulations Take Effect | Publications

by McCarter & English, LLP on

PDF Version New cybersecurity-related regulations issued by New York state regulators took effect March 1, 2017. The rules, which directly impact all entities regulated by the New York Department of Financial Services (such...more

New York DFS Finalized Cybersecurity Regulations Go Into Effect March 1, 2017

by Bracewell LLP on

On February 16, 2017, the New York State Department of Financial Services (DFS) announced the final version of the “first-of-its-kind” cybersecurity regulations governing financial institutions, insurance companies, and other...more

New York's Far-Reaching Cybersecurity Law Takes Effect March 1 - Are You Ready?

by Fisher Phillips on

New York’s Department of Financial Services Cybersecurity regulation became effective March 1. According to the press release issued with the regulation, the regulation is intended to require banks, insurance companies and...more

Cybersecurity and Data Privacy: Department of Financial Services Issues Final Cybersecurity Regulations With Broad Implications...

On February 16, 2017, the New York State Department of Financial Services ("DFS") issued final cybersecurity regulations, with extensive new requirements for cybersecurity programs by entities regulated by DFS ("Covered...more

667 Results
|
View per page
Page: of 27
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!