News & Analysis as of

Recent OCR Reports Illustrate Past and Future Compliance and Enforcement Efforts

Daily news stories about data breaches and enforcement actions seem to be the new norm, so it’s no surprise that people may start to believe that hackers have won the war and that no personal health information is safe. But...more

Florida’s New Data Breach Notification Requirements Take Effect July 1

On June 20, 2014, Florida Governor Rick Scott signed the Florida Information Protection Act of 2014 (FIPA) into law. FIPA imposes stringent new security and notice requirements on businesses and employers that maintain...more

Security Breach Notification Chart - Revised June 2014

Perkins Coie's Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in...more

SEC Requires Greater Disclosure of Cyber Events

Cyber is still a relatively young risk and the various stakeholders in cyber-risk are at times, still trying to determine their particular role. This includes the officers and/or directors of companies for establishing...more

Ignoring XP End Of Life May Make Your Company An Attractive Target

On April 8, Microsoft officially ended all support and ceased providing updates for their Windows XP operating system. This “end of life” (EOL) announcement is not uncommon with software platforms, where continued support of...more

The GPMemorandum, Issue 180

In This Issue: - Franchisor Uses Uniform Domain-Name Dispute-Resolution Policy To Obtain Control Over Infringing Domain: A franchisor whose trademark was being infringed in a domain name recently obtained...more

Health Law Insights Newsletter - April 2014

In This Issue: - Federal Updates - State Updates - HIPAA Updates - Excerpt from Centers for Medicare & Medicaid Services Issues Guidance for Meaningful Use Hardship Exception: The Centers...more

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action. Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon...more

HHS's New Security Risk Tool for HIPAA Compliance

On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...more

What is “Expedient” Notification of a “Data Breach?”

One of the first questions companies ask us when we are hired to help them respond to a new security incident is how fast they have to notify if the investigation shows that a “breach” occurred. Except for a couple of states...more

FTC’s 50th Data Security Settlement Sends a Message: Be Careful with Overseas Contractors

The Federal Trade Commission (FTC) sent a message about the importance of imposing appropriate security measures on—and monitoring—vendors with access to confidential consumer information. The FTC issued a 20-year consent...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

Accretive Health Data Breach Leads To Twenty-Year Settlement With The FTC

On December 31, 2013, the Federal Trade Commission ("FTC") announced that Accretive Health, Inc., ("Accretive") agreed to settle charges that the company's inadequate data security measures exposed sensitive consumer...more

Are You Ready For California’s “Do Not Track” Requirements?

Over the last several months, California has passed several new privacy and data protection laws that impact operators of websites, online services and mobile applications around the country, including a law establishing an...more

New Law Requires All Public Agencies in California To Notify Residents Affected by a Security Breach: BB&K Attorneys Examine the...

Cities, counties, water agencies and school districts have some of our most personal information, including our date of birth, Social Security number, driver’s license number and medical information. This is the type of...more

The Challenges of Compliance

Compliance, like many other aspects of the business world, is a balance of risks. Unfortunately, it often takes an organization being rebuked in some fashion before it realizes the importance of failure to be in compliance. ...more

SEC Continues to Target Cybersecurity Disclosures

Over the past two years, the U.S. Securities and Exchange Commission’s Division of Corporation Finance (Corp Fin) has highlighted the importance of cybersecurity disclosures in filings with the SEC. Corp Fin’s initiative...more

Is Your Company Ready For California's Expanded Data Security Notification Law?

Effective January 1, 2014, California residents must be notified when the information used to access their email or other online accounts is compromised in a data security breach incident. ...more

FTC Complaint Against Medical Laboratory Signals Agency’s Continued Intent to Assert Authority in Data-Security-Breach Actions

In taking action against medical laboratory LabMD, the U.S. Federal Trade Commission demonstrated its continued intent to assert authority through the Federal Trade Commission Act in data-security-breach actions. On August...more

Health Plan Fined for HIPAA Breach Relating to Information Stored on Photocopiers

On Wednesday, August 14, 2013, the U.S. Department of Health and Human Services (HHS), announced that it had reached a $1,215,780 settlement with Affinity Health Plan, Inc., a not-for-profit managed care plan serving the New...more

The Road Map to HIPAA Compliance: What Your Nonprofit Needs to Know

In this presentation: - Overview of HIPAA - Privacy Rule - Notice of Breach - Security Rule - Business Associates & Business Associate Agreements - Notice of Privacy...more

HIPAA Omnibus Final Rule Compliance Date Is Only Two Months Away

The compliance date for the omnibus final rule amending the privacy, security, breach notification and enforcement regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information...more

Employer BYOD Concerns: Part 2 of It's 2013. Do You Know Where Your BYOD Policies Are?

In Part 2 of "It's 2013. Do You Know Where Your BYOD Policies Are?" we will discuss employer BYOD concerns. Check out Part 1 to learn more about employee interests; Part 3 will present developing trends and suggest best...more

Internet Regulation and Data Privacy in China

China is the world’s second largest economy, with an annual growth rate of more than eight percent and a rapidly growing middle class. Foreign investment into China routinely exceeds US$100 billion a year. Businesses from all...more

The New Normal: Taking Responsibility for Your Vendors  [Video]

As financial institutions continue to strive for reduced costs and greater efficiencies, they are increasingly turning to third-party vendors to handle a wide variety of tasks, from marketing and sales to payment processing....more

54 Results
|
View per page
Page: of 3