News & Analysis as of

Is encryption the key to your data security?

With the increased rate of data breaches targeting personal information, an increased public awareness of online privacy, and an increasingly demanding regulatory landscape, large and small businesses are looking to...more

More (MACRA) Data Analysis, Please

On July 1, CMS finalized new MACRA rules that significantly expand how qualified data entities will be allowed to share or sell analyses of Medicare and private claims data to providers, insurers, employers, and others who,...more

Breach of ePHI Results in $2.7 Million Fine

Oregon Health & Science University (“OHSU”) has paid $2.7 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle allegations that it violated the Health Insurance Portability...more

Business Associate Settles HIPAA Investigation for $650,000

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

HIPAA Compliance: Navigating a Health Care Minefield

In the two decades since its original passage, complying with the federal Health Insurance Portability and Accountability Act (HIPAA) hasn’t gotten any easier. Enacted with the primary goal of protecting the confidentiality,...more

Nebraska and Illinois Update Breach Notice Requirements

The data breach notification laws for Nebraska and Illinois have been updated to expand the definition of “personal information” to include usernames and email addresses in combination with a password or security question...more

OCR Warns of HIPAA Risks in Third-Party Apps

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more

Cybersecurity News & Notes – June 2016 #3

In Case You Missed It: Illinois strengthened its data privacy and security law, with the amendments going into effect in January 2017. The amendments include expanding the definition of “personal information” to include a...more

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

Newest Ponemon study released on health care data breaches

The Ponemon Institute has recently released its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. The study has included business associates for the past two years. The study included information received...more

Cyber Security

Roughly one million pieces of malware—computer viruses or malicious software—are released every day. In recent years, we’ve witnessed an unprecedented level of activity in the cyber arena, both in the form of increased...more

Also In the News - Data, Privacy, & Security Practice Report - May 2016

OCR Releases Guidance On Data Security Incident Preparedness—On May 3, 2016, the Office for Civil Rights (“OCR”) within the U.S. Department of Health & Human Services released its cyber-awareness monthly update on the topic...more

Joint Commission lifts ban on physicians texting patient orders

The Joint Commission, which is the national accrediting organization for health care organizations, has long banned physicians using text messages to place orders for patient care due to data security concerns. In 2011, the...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Ransomware Cuts Deep, in Life & in Coverage

1. Beyond Breaches - With ransomware, cybersecurity in healthcare has gone far beyond HIPAA compliance, breaches of PHI or identity theft. For the unprepared healthcare provider not able to prevent ransomware or...more

Federal Agencies Provide User-Friendly Guidance on Compliance with Data Privacy Laws

How federal privacy laws apply to mobile health applications has been an area of significant ambiguity. Recently, the Federal Trade Commission’s (FTC), the U.S. Department of Health and Human Services (HHS) Office of Civil...more

Think Before You App: FTC Releases Compliance Tools for Health App Developers

The Federal Trade Commission furthered its outreach to the mobile app developer community last week by issuing new guidance for integrating privacy and security into mobile health apps, as well as an interactive online tool...more

State AGs Upping the Ante on Health (and Other) Information Data Incidents – Expect Increased Enforcement Actions

State attorneys general (AGs) continue to emerge as major regulators of privacy, and increasingly, with respect to compromises of health-related data. Businesses concerned with U.S. customer or employee data have long...more

Developments in Cybersecurity: Privacy Laws, Hacking Beyond Customer Data, and Communicating with Corporate Boards

I. Legal Exposure to Federal and State Privacy Laws - A. Federal Statutes and Enforcement - 1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 - The Federal Trade Commission (FTC) has emerged as the leading...more

WEBINAR: Cloud Computing & Health Care Organizations - Critical Privacy & Security Issues

More and more organizations are turning to the cloud because of how flexible and low-cost it is. As a result, many health care organizations are now using cloud-based servers to store patient information and are discovering...more

NAIC Adopts Cybersecurity Bill of Rights

The National Association of Insurance Commissioners (“NAIC”) continued its efforts to advance cybersecurity in the insurance industry when it recently adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights...more

HIPAA and Text Messaging

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

Data-Harvesting Zombie Hackers, Blood-Thirsty Auditors, and Other Reasons to be Scared on Halloween

This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more

End of Year Issues Impacting Employer Health Plans

With the end of 2015 fast approaching, employers should be aware of certain issues under the Patient Protection and Affordable Care Act (“ACA”), the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

78 Results
|
View per page
Page: of 4
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×