Data Breach Healthcare

News & Analysis as of

CT AG slams Hartford Hospital and EMC for loss of laptop

True to his word, the Connecticut AG has aggressively entered the data privacy and security enforcement arena with a $90,000 settlement with Hartford Hospital and EMC. The AG has agreed to a payment of $90,000 from...more

Recent Amendments to Security Breach Notification Laws Further Complicate Breach Notification for Employers

It is not a matter of "if" but "when" an employer will be required to notify employees of a security breach.  Forty-seven states require employers to notify employees when defined categories of personal information, including...more

Blog: Implications of the Cybersecurity Bill for the Health Care Industry

On Tuesday the Senate passed the Cybersecurity Information Sharing Act (CISA). The House had passed a similar bill, the Protecting Cyber Networks Act, in April of this year. The Act comes in the wake of many large scale data...more

Purchasing Cyber Insurance? Important Considerations from the Recent Nossaman/ UCI Cyber Symposium

On October 12, 2015, Nossaman and UC Irvine hosted a Cyber Symposium at the City Club in Los Angeles. The event included four panels of Nossaman lawyers, UCI professors, and private professionals who are experts in the areas...more

Alphabet Soup and Data Security

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

HIPAA Fine Underscores OCR’s Focus on Physician Group Compliance

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced a $750,000 fine and resolution agreement, including a Corrective Action Plan (CAP), for Cancer Care Group, P.C. (CCG), a...more

“My, what beautiful eyes you have . . .” – Biometric Data and Privacy

Biometric data – obviously not in just the movies anymore. It is alive, well, and increasingly being used in our everyday society. But, on September 23, 2015, when the Office of Personnel Management revealed that fingerprint...more

VA OIG reports patient data at risk with vendor

The Department of Veterans Affairs’ Office of Inspector General recently issued a report, following a complaint that the VA Palo Alto Health Care System put veterans’ health information at risk when it allowed personnel of a...more

OIG report spurs OCR to announce phase 2 audits

On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more

EXPECT FOCUS: Onboard Technology, NAIC Cybersecurity, DOL, ACA Litigation, SEC Regulation (Vol. III, Summer 2015)

In This Issue: IN THE SPOTLIGHT - - Your Data Breach Collided With My Personal Injury Coverage LIFE INSURANCE - - Phantom Injury Dooms “Shadow Insurance” Case - Latest NAIC Cybersecurity News - A...more

Reports Instruct Office of Civil Rights to Increase HIPAA Enforcement Activities

On September 29, 2015, the Office of Inspector General (OIG) released two reports that reviewed the Office of Civil Rights’ (OCR) enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The...more

OCR announces launch of Phase 2 of HIPAA audits

Although the Office for Civil Rights (OCR) has indicated in the past that it would start its next round of HIPAA audits, apparently it means business now. In the wake of an Inspector General report that the OCR was merely...more

Evolving Litigation of Data Breach Claims

An Illinois circuit court judge has dismissed five of six claims in a consolidated class action against Advocate Health and Hospital Corporation arising from a data breach in July 2013. The judge’s dismissal with prejudice...more

State Data Breach Notification Requirements Specifically Applicable to Insurers

Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised....more

Blog: Excellus is Latest in Line of BCBS Insurers Experiencing Cyberattack

Excellus, a BlueCross BlueShield (BCBS) provider servicing upstate New York, announced last week that it was the latest in a string of BCBS providers that experienced a data breach as a result of a cyberattack. CareFirst...more

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

Advocate Health class action lawsuit trimmed

Last week, an Illinois judge dismissed with prejudice five of the six claims levied against Advocate Health Care in a consolidated case of ten cases filed against it following the data breach it experienced in July of 2013...more

How to Avoid and Respond to a Cybersecurity Breach

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

OCR settlement reiterates importance of proactive security rule compliance

On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve...more

Jury Clears UCLA Health in Lawsuit Stemming From Improper Access to PHI by Plaintiff’s Romantic Rival

A UCLA employee and patient now has celebrity-level security on her protected health information (PHI) as maintained by the UCLA Health system, but a jury denied her the $1.25 million in emotional distress damages she sought...more

DOD Adopts Interim Cyber Rules As Claims of Chinese Cyber Attacks Continue

U.S. officials have blamed Chinese government-backed attackers for many of the recent cyber attacks on U.S. government and business computer networks: “Researchers and government officials have determined that the Chinese...more

Crafting a more realistic business associate agreement

According to a recent survey by KPMG, eighty percent (80%) of health care executives report that their information technology systems have been compromised by cyber attacks. Most healthcare institutions, the survey found,...more

UCLA suffers another data breach

Last week, UCLA notified 1242 patients that their health information may have been compromised in July when a faculty member’s laptop was stolen. UCLA has notified the patients, the Office for Civil Rights and the California...more

10 million Excellus Blue Cross Blue Shield members’ information compromised

Yesterday, Excellus Blue Cross Blue Shield, located in Rochester, NY, announced that it will notify up to 10 million members that it was the victim of a cyber-attack dating back to December of 2013 that exposed their members’...more

153 Results
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.