News & Analysis as of

Data Protection Health Insurance Portability and Accountability Act

Cybersecurity 2018 – The Year in Preview: HIPAA Compliance

Like many things in Washington, the HIPAA landscape in 2018 will be shaped by the shifting priorities of President Trump’s new administration. Early signs point to less funding for the Office of Civil Rights (“OCR”) within...more

Is it HIPAA or HIPPA? Either way, it still applies.

by Winstead PC on

I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more

Significant WiFi vulnerability exposed

What is the problem? Belgian researchers have published information about a vulnerability in the most popular WiFi encryption protocol that makes monitoring of all communications possible, except those communications that...more

Data Protection: Patient confidentiality in the age of AI

by DLA Piper on

In our previous article, we considered a typical collaboration between a healthcare institution and a developer of an digital diagnostic system using machine learning or some other form of artificial intelligence. The...more

Is Blockchain Technology the Solution to Health Care's Data Woes?

by Pepper Hamilton LLP on

Many experts believe blockchain technology will drive innovation in health information and that it has the potential to solve critical health care issues, including interoperability, security, records management and data...more

Employer-Sponsored Health Plan HIPAA Compliance Checklist

by Davis Wright Tremaine LLP on

The administrative simplification provision of the Health Insurance Portability and Accountability Act and its implementing regulations (HIPAA) impose obligations on employer-sponsored group health plans. Given recent...more

Global Privacy & Cybersecurity Update Vol. 15

by Jones Day on

UNITED STATES - Regulatory—Policy, Best Practices, and Standards - FTC Comments on Improvements to IoT Device Security - On June 19, the Federal Trade Commission ("FTC") submitted comments to a working group organized by the...more

HHS Issues Limited Waiver of HIPAA Sanctions Post-Hurricane Harvey

The U.S. Department of Health and Human Services (HHS) has used its authority to waive certain provisions of HIPAA in response to Hurricane Harvey. HHS previously declared a public health emergency in Texas and Louisiana...more

Enhanced HHS HIPAA Breach Reporting Tool May Aid Health Care Industry Data Security Efforts

by Jackson Lewis P.C. on

Secretary Tom Price of the U.S. Department of Health and Human Services (HHS) announced his agency needs “to focus more on the most recent breaches and clarify when entities have taken action to resolve the issues that might...more

Failing To Update Compliance Plans May Be Costly

by Roetzel & Andress on

If you are a provider of healthcare services, you need a compliance plan. A compliance plan is a written document that details your practice’s policies, procedures, and operations. While many providers are aware of the...more

Health Care Companies Find Direction to Combat Cybersecurity Threats

by Burr & Forman on

More than 27 million patient records were affected by health care data breaches in 2016, according to a health care cybersecurity company. The cost associated with these breaches is staggering: an estimated $355 per stolen...more

Healthcare Legal News: Volume 7, Number 2

by Dickinson Wright on

Where is your PHI Data Traveling Today? With most vendors offering and pushing cloud computing solutions and offsite data backup, or guaranteeing offsite backup of data they process for you, many HIPAA covered entities and...more

General Data Protection Regulation: What It Means For US Healthcare/Life Science Companies (Part One)

The clock is ticking: on May 25, 2018, in less than a year from now, the General Data Protection Regulation (“the GDPR”) will apply in all Member States of the European Union (“EU”) and will replace the Directive 95/46/CE...more

Part Two: Abandoned Mines and Data Retention Policies

by McGuireWoods LLP on

As discussed in Tuesday’s post, in addition to taking reasonable precautions to secure data, companies should consider whether they have an affirmative duty to destroy data in the United States – to clear the explosives out...more

New York’s New Cybersecurity Regulations and its Impact on your Sensitive Health Information

by Farrell Fritz, P.C. on

Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more

How the U.S. Healthcare Sector Can Prepare for and Harden Its Systems Against Cyberattack

by Hogan Lovells on

“The number one issue on the minds of many CEOs and boards is cyberattacks and data breaches,” said Hogan Lovells partner Marcy Wilder. In this hoganlovells.com interview, Wilder discusses three key things health sector...more

Maryland Amends Data Breach Notification Law

by Ballard Spahr LLP on

The Maryland General Assembly recently amended the Maryland Personal Information Protection Act to expand the definition of personal information, provide a 45-day timeframe for providing notice of a breach, allow for...more

Ten Tips For Actions By A Covered Entity After A HIPAA Breach By A Business Associate

by Fox Rothschild LLP on

This blog recently discussed tips for a covered entity (CE) in dealing with a HIPAA business associate (BA). Now, even though you have adopted all of the tips and more, in this dangerous and ever more complex data security...more

AGs Weave Themselves Into Patchwork of Digital-Health Regs

by Pepper Hamilton LLP on

There are more than 165,000 mobile health applications available for download in Apple’s App Store or Google Play. This number will likely keep rising, and a body of federal and state regulators, including state attorneys...more

Health Care Data Breaches Cost $380 per Record

A new study issued by Ponemon Institute, sponsored by IBM, reveals that healthcare data breaches still cost more than in other sectors. The Ponemon Institute’s calculation is that the average healthcare data breach costs...more

Data Breaches Most Expensive For Health Care Industry But Precautionary Measures Can Keep Costs Down

by Murtha Cullina on

Data breaches have become commonplace in every industry. In health care, however, it costs much more to respond to a data breach than in all other industries in this country, according to the results of a recent IBM-sponsored...more

Healthcare Providers Beware: HIPAA Isn’t Your Only Concern Following a Data Breach–State Law Matters

by McGuireWoods LLP on

Healthcare service provider CoPilot Support Services (“CoPilot”) recently agreed to pay a $130,000 settlement after it waited over a year to notify patients of a data breach, in violation of New York’s breach notification...more

My Entity Just Experienced a Cyber-Attack! What Do We Do Now?

by Balch & Bingham LLP on

On June 9, 2017, the U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) released a cyber-attack “Quick Response” checklist (the Checklist) for the benefit of HIPAA covered entities and business...more

OCR Publishes Checklist and Infographic for Cyber Attack Response

OCR released a simple checklist and infographic last week to assist Covered Entities and Business Associates with responding to potential cyber attacks. As cybersecurity remains a pressing concern for health care entities,...more

(Un)Protected Health Information Held for Ransom

by Snell & Wilmer on

Recent experiences of major health care companies offer a reminder of the importance of data security and following a well-written policy for compliance with the HIPAA Privacy Rule....more

396 Results
|
View per page
Page: of 16
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.