News & Analysis as of

Protections Governing Theft and Publication of Medical Records

As instances of medical data breaches increase, U.S. courts are interpreting the scope of liability stemming from them. In California, the court in Sutter Health et al. v. The Superior Court of Sacramento County (Atkins) held...more

Privacy Tuesday – January 6, 2015

Welcome to the first Privacy Tuesday of 2015! We hope that you enjoyed our 12 Days of Privacy series (and if you missed it, they are all linked in the right column of the blog…). Three things that you should...more

Happy New Year! 2015 Brings More Reasonable Breach Notification Reporting Periods for CA Health Care Providers

In 2008 California put into effect breach reporting laws applicable to certain licensed health care providers Healthcare Entities that are more stringent than HIPAA - so stringent that Healthcare Entities have been required...more

Data Breach Plaintiff Given Second Chance to Certify Class Action Suit

Recently, the Pennsylvania Superior Court ruled in favor of data breach plaintiff Avrum Baum, giving him a second chance to certify a class action suit against Keystone Mercy Health Plan. Baum brought suit against the...more

What Can You Expect in 2015 Regarding HIPAA Enforcement?

As of earlier this month, 1, 170 breaches involving 31 million records have been reported to the Department of Health and Human Services (HHS) since mandated reporting of breaches began in September 2009.  An increase in the...more

Let the Games Begin: First Sony Class Action Lawsuit Filed Over Data Breach

It’s happened. The first class action lawsuit has been filed against Sony for failing to prevent hackers from stealing its current and former employees’ social security numbers, medical records, and salary information....more

Blog: Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected...more

Connecticut Supreme Court Allows Plaintiffs to Circumvent HIPAA’s No Private Right of Action Clause

In an opinion released on November 11, the Connecticut Supreme Court ruled on whether the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations preempt a common law claim for...more

Connecticut Supreme Court Issues Decision That Could Expand State Law Liability in Data Breach Class Actions for Businesses...

Health care providers have not escaped the recent proliferation of data breach class actions, but plaintiffs generally have been unsuccessful in bringing claims based on the Health Insurance Portability and Accountability Act...more

California Health Care Providers Successfully Ward Off Data Breach Lawsuits

In a pair of recent cases, two California health care providers successfully warded off lawsuits arising from unauthorized data breaches of patient files. These cases illustrate that improper disclosure of electronically...more

Privacy Tuesday – November 2014 – Five Things to Start Your Week

Welcome to Privacy Tuesday – here are five privacy & security bits and bytes to start your week: 1) California AG’s Data Breach Report: Who Is Handling Your Patients’ Confidential Health Information? - The...more

Blog: Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Government Conference Highlights Need for Protecting Health Information

The National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently highlighted the importance of protecting health information at the...more

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

Employee Benefits Developments - September 2014

CASES - Post-Retirement Medical Benefits Under Siege. A recent spike in retiree benefit litigation is evidence of a growing interest among employers in strategies designed to contain, reduce, and eliminate the current...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

Massive Data Breach Affects 4.5 Million Patients in 29 States

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more

Class Action Plaintiffs Look to Fair Credit Reporting Act for Private Relief from Data Breaches Involving Health Information

A recent class action brought against the University of Miami (“University”) previews what could become an emerging trend among plaintiffs’ class action attorneys to seek damages for the unauthorized disclosure of personal...more

Hospital Operator Reports 4.5 Million Patients’ Data Stolen in Cyberattack

The Tennessee-based acute-care hospital chain Community Health Systems, Inc. (CHS), reported on August 18 that information on approximately 4.5 million patients was stolen from the company. CHS is one of the largest hospital...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

160 Results
|
View per page
Page: of 7