News & Analysis as of

Data Protection Data Breach HITECH Act

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Spilman Thomas & Battle, PLLC

Decoded: Technology Law Insights, Volume 3, Issue 4

War in the Time of Crypto - "In the Russia-Ukraine conflict, which side is crypto helping? Both." Why this is important: The world continues to watch Russia's invasion of Ukraine as it dominates news outlets. An...more

Jackson Lewis P.C.

California Consumer Privacy Act, California Privacy Rights Act FAQs for Covered Businesses

Jackson Lewis P.C. on

The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more

Polsinelli

Recent Amendments to State Breach Notification Laws

Polsinelli on

Over the last several months, a minority of states amended their data breach notification statutes or enacted sector-specific breach notification requirements. ...more

Akin Gump Strauss Hauer & Feld LLP

Connecticut Expands Breach Reporting and Creates Cybersecurity Safe Harbor

On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more

Polsinelli

Entities of All Types Should Consider Commenting on the FTC’s Health Breach Notification Rule by August 20, 2020

Polsinelli on

On May 22, 2020, the Federal Trade Commission (the “FTC”) published its decennial request for public comment (the “RFC”) on the FTC’s Health Breach Notification Rule (the “HBN Rule”)....more

Foley & Lardner LLP

New York Increases Breach Notification and Security Responsibilities

Foley & Lardner LLP on

New York State has enacted S5575, the Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”). This new law amends New York General Business Code 899-aa and adds Section 899-bb to significantly expand consumer...more

K&L Gates LLP

K&L Gates Triage: HIPAA Enforcement Discretion, Disputes, and Data

K&L Gates LLP on

The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more

Holland & Knight LLP

Impact of the New Health Industry Cybersecurity Practices: 2019 Outlook

Holland & Knight LLP on

• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more

Akerman LLP

New York State Attorney General Settles Data Breach With Health Plan In An Unprecedented Settlement With HIPAA Compliance...

Akerman LLP on

New York Attorney General Eric Schneiderman has been in hot pursuit of organizations in his state that fail to maintain the security and privacy of personal information. On March 6, 2018, the Attorney General’s office...more

Jackson Lewis P.C.

“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 For Data Breach Caused By Vendor

Jackson Lewis P.C. on

Last week, New Jersey Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices...more

Mintz - Health Care Viewpoints

Bah, Humbug! HIPAA Compliance Isn’t Getting Any Easier

As we look back on 2017, one message is clear: don’t be a Scrooge when it comes to HIPAA compliance. With ever-evolving security threats and unrelenting enforcement, regulated entities must maintain a spirit of compliance...more

Jackson Lewis P.C.

Enhanced HHS HIPAA Breach Reporting Tool May Aid Health Care Industry Data Security Efforts

Jackson Lewis P.C. on

Secretary Tom Price of the U.S. Department of Health and Human Services (HHS) announced his agency needs “to focus more on the most recent breaches and clarify when entities have taken action to resolve the issues that might...more

Alston & Bird

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

Alston & Bird on

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Mintz - Privacy & Cybersecurity Viewpoints

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

Polsinelli

Appeals Court Confirms that HITECH Violations Do Not Violate FCA

Polsinelli on

In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator's claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives...more

BakerHostetler

NAIC Adopts Cybersecurity Bill of Rights

BakerHostetler on

The National Association of Insurance Commissioners (“NAIC”) continued its efforts to advance cybersecurity in the insurance industry when it recently adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights...more

Troutman Pepper

How to Avoid and Respond to a Cybersecurity Breach

Troutman Pepper on

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

Robinson+Cole Data Privacy + Security Insider

Seventh Circuit rules hospital system is not a Consumer Reporting Agency under FCRA

Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more

Foley Hoag LLP - Security, Privacy and the...

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Fisher Phillips

How To Analyze A HIPAA Breach

Fisher Phillips on

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Mintz - Privacy & Cybersecurity Viewpoints

Five Lessons from OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

Last week, the HHS Office of Civil Rights (OCR) released two reports required by the Health Information Technology for Economic and Clinical Health (HITECH) Act: (i) the Annual Report to Congress on Breaches of Unsecured...more

Fisher Phillips

How To Analyze A HIPAA Breach

Fisher Phillips on

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Dickinson Wright

Providers: Prepare Your Breach Notification Policy!

Dickinson Wright on

On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and...more

74 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide