Data Breach Protected Health Information

News & Analysis as of

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

Cybersecurity for Startups Now a Cost of Entry for Consideration by Larger Clients: What is Your Company's Plan?

For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more

HIPAA Enforcement On The Rise

The number of claims filed under the Health Insurance Portability and Accountability Act (HIPAA) have skyrocketed in recent years. The latest figures from the U.S. Department of Health and Human Services (DHS) highlight a...more

Is Your Health Plan HIPAA Compliant?

Data breaches with respect to medical information are on the rise, given that such information is generally more valuable on the black market than stolen credit card data. The 2015 breach of healthcare company Anthem, Inc.,...more

Class Action Suit Filed Against UCLA After It Suffers Massive Data Breach Affecting 4.5 Million Individuals

In yet another data breach affecting millions of individuals, UCLA Health System (“UCLA”) reported on July 17, 2015, that hackers had accessed portions of its health network that contained personal information, including...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

OCR Settlement with Massachusetts Hospital Over HIPAA Violations

On July 8, 2015, the United States Department of Health and Human Services, Office for Civil Rights (“OCR”), which enforces federal privacy standards for protected health information (“PHI”), settled an enforcement action...more

Proceed With Caution: Does HIPAA Apply to Your Business?

Even if your business is not in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act (HITECH...more

Is My Telehealth App Subject to HIPAA?

Many telehealth and mHealth app developers are concerned about whether or not their app is a medical device under FDA regulations (and rightfully so), they often pay less attention to the Health Insurance Portability and...more

Recent HHS Settlement Highlights Risks of Electronically-Sharing Protected Health Information

On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more

Medical Informatics Engineering discloses data breach

Electronic health record (EHR) vendor Medical Informatics Engineering and its subsidiary, NoMoreClipBoard, which is a personal health record (PHR) product, notified its EHR clients and PHR individuals that it has been the...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

The Devil in the “Cyber” Insurance Details

There’s a tempest amidst the recent spring shower of “cyber” insurance cases. It isn’t the Recall Total case reported the week before last, or the Travelers v. Federal Recovery Services case reported the week before. While...more

Lack of Typicality and Adequacy of Representation Prevents Class Certification in Health Care Data Breach

The opinion from the Philadelphia Court of Common Pleas reinforces lack of standing as a defense for companies facing data breach–related class actions. On March 25, the Philadelphia Court of Common Pleas provided...more

Insurer Seeks Declaratory Judgment Against Policyholder for Data Breach

Late last month, Columbia Casualty Company instituted a declaratory judgment lawsuit in the United States District Court for the Central District of California against its insured, Cottage Health System. Columbia Casualty...more

Think You Know Your HIPAA-Related Obligations? Read the ONC’s New Privacy and Security Guide to Find Out

In 2013, we alerted you to the expansion of the definition of the term “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Now, the Office of the National Coordinator for Health...more

Comingling of employee and patient data compromises employer’s HIPAA defense to employee’s claim of discharge for union activity

An administrative law judge (ALJ) of the National Labor Relations Board has concluded that a health care employer’s use of its medical records software to store employee contact information allowed an employee to access that...more

Issues Concerning Medical Identity Theft

Whenever a large data breach occurs in the healthcare industry, such as the Anthem Blue Cross Blue Shield breach this past winter, some news stories always seem to focus on the strange medical catastrophes that could...more

OCR Announces Settlement and Corrective Action Plan with Pharmacy Stemming from Alleged Violations

On April 24, 2015, the HHS Office for Civil Rights (“OCR”) once again stressed the importance of properly disposing of protected health information (“PHI”) when it announced its settlement and corrective action plan with...more

OCR Announces Another HIPAA Settlement and Warns Not to Forget About Paper Records

On April 27, 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy (“Cornell Pharmacy”) had entered into a resolution agreement to settle,...more

HIPAA Rules and Procedures in the Event of a Data Breach, Part One

As discussed in my prior post, recent massive data breaches at major retailers and health insurance providers paint a bleak picture of modern data and emphasize the importance of strong security safeguards and plans for...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

State Legislatures React To Latest Health Data Breaches By Updating State Data Breach Notification Laws And Encryption...

Recent, large-scale breaches of health information have served to highlight the fact that federal agencies have only rarely assessed penalties against companies as a result of these breaches, while many states do not have...more

Lessons Learned from the Anthem Cyber-Attack and Corresponding “HIPAA Actions”

Anthem Inc. (“Anthem”), the nation's second-largest health insurer, disclosed on Wednesday, February 4, 2015, that it was the victim of a major cyber-attack. According to Anthem, the attack exposed personal information of...more

Monthly Benefits Alert - February 2015

Health & Wellness Plans - Anthem Data Breach Requires Plan Sponsor Attention - On January 29, 2015, Anthem Inc., one of the largest managed health care companies in the country, disclosed that the sensitive...more

191 Results
|
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×