Data Breach Healthcare

News & Analysis as of

Getting More Personal: California Amends Data Security Law

California’s data security statute will get a little more “personal” as of January 1, thanks to a recently-passed amendment revising the definition of covered personal information. On July 14 California expanded the...more

“Everything Old is New Again” – Issues in Recent Cyber Insurance Litigation

Early days still for coverage litigation about cyber risks – whether under cyber insurance policies or other types of policies. This is not surprising given the relatively short history of cyber risks and even shorter history...more

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Class action filed against UCLA following data breach

We previously reported that UCLA suffered a data breach affecting 4.5 million patients. Days following the announcement of the breach, plaintiffs filed a proposed class action lawsuit against UCLA, alleging that UCLA should...more

Internet-Based Document Sharing Applications Scrutinized

On July 8, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and St. Elizabeth’s Medical Center (SEMC) located in Boston, Massachusetts entered into an agreement following an investigation...more

Orrick's Policyholder Insider Quarterly

Five Lessons Health Care Companies Should Learn From Cyberattacks - The American health care industry is under attack by sophisticated hackers seeking access to electronic medical records. Since January, three health...more

OCR Settlement with Massachusetts Hospital Over HIPAA Violations

On July 8, 2015, the United States Department of Health and Human Services, Office for Civil Rights (“OCR”), which enforces federal privacy standards for protected health information (“PHI”), settled an enforcement action...more

UCLA Health System announces data breach affecting 4.5 million patients and medical providers

Adding to the long list of cyber hacking victims, the UCLA Health System announced on Friday (July 17, 2015) that it confirmed on May 5, 2015 that a cyber-attacker had accessed parts of UCLA Health’s network back to September...more

A website coding upgrade error causes a breach says Blue Shield of California

Blue Shield of California is sending out notification letters to 843 of its members advising them that as a result of a computer code update it made to its website, when members logged into their own accounts, they were able...more

Proceed With Caution: Does HIPAA Apply to Your Business?

Even if your business is not in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act (HITECH...more

Is My Telehealth App Subject to HIPAA?

Many telehealth and mHealth app developers are concerned about whether or not their app is a medical device under FDA regulations (and rightfully so), they often pay less attention to the Health Insurance Portability and...more

HIPAA Settlement Regarding Use of Internet Applications

On July 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton, Massachusetts, regarding potential...more

Recent HHS Settlement Highlights Risks of Electronically-Sharing Protected Health Information

On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more

“Don’t Call Us, We’ll Call You.” The FCC’s Latest TCPA Ruling Imposes Even More Restrictions on Telemarketing Calls and Texts

On July 10, 2015, the Federal Communications Commission released the Omnibus Declaratory Ruling and Order (the Order) it adopted on June 18. The Order addresses requests for clarification regarding requirements under the...more

Use of File-Sharing Service Leads To $218,400 Fine For HIPAA Violations

Internet-based file-sharing services such as Dropbox and Google Drive can be easy and convenient to use, whether via the touch of an app on a mobile device or by opening a browser on a PC. Healthcare professionals are often...more

FCC’s TCPA Order Offers Little Clarity or Relief for Businesses

In potentially its most significant action under the Telephone Consumer Protection Act (TCPA) since the 2003 overhaul of its rules ushering in the National Do-Not-Call Registry and other updates, the Federal Communications...more

Employer Health Plans: Taking Responsibility for Your Business Associates

The Anthem and Premera Blue Cross data breaches caused widespread panic throughout the employer health plan community earlier this year. For many, these data breach announcements served as a wakeup call for employer health...more

Connecticut Imposes New Data Security Obligations

New law will require consumer breach notice within 90 days, identity theft protection for consumers,“kill switch” for smartphones, and implementation of data security programs for certain health providers, state agencies and...more

2015 Data Breach Legislation Six Month Review: Many Proposals, Few Changes

The heat of summer may be upon us, but in Congress and in many state legislatures the attitude toward passing major data breach legislation has considerably cooled. We predicted some months ago that 2015 might be the...more

July Congressional Agenda

After a weekend of fireworks, parades, and apple pie, Congress returns from the Independence Day recess this week with the Senate scheduled to be in session for five weeks and the House of Representatives in session for four...more

Blog: States Strengthen Laws Addressing Health Information Handling and Breach Response

Connecticut and Oregon were recently added to the increasing list of states adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information. Both states...more

Advocate Health data breach class action suit dismissal upheld by Appellate Court

In August of 2013, four computers of Advocate Health and Hospitals Corporation (Advocate Health) were stolen from one of its offices. The computers contained the names, dates of birth, Social Security numbers, health...more

Medical Informatics Engineering discloses data breach

Electronic health record (EHR) vendor Medical Informatics Engineering and its subsidiary, NoMoreClipBoard, which is a personal health record (PHR) product, notified its EHR clients and PHR individuals that it has been the...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

Lack of Typicality and Adequacy of Representation Prevents Class Certification in Health Care Data Breach

The opinion from the Philadelphia Court of Common Pleas reinforces lack of standing as a defense for companies facing data breach–related class actions. On March 25, the Philadelphia Court of Common Pleas provided...more

115 Results
|
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×