Medical Records Personally Identifiable Information

News & Analysis as of

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

Insurer Must Defend Data Breach Claim Under Traditional Commercial General Liability Policies

On April 11, 2016, the U.S. Court of Appeals for the Fourth Circuit affirmed a ruling by Judge Gerald Bruce Lee of the U.S. District Court for the Eastern District of Virginia that Travelers Indemnity Company of America...more

New Position Statement Procedures in Effect at the EEOC

On February 18, 2016, the U.S. Equal Employment Opportunity Commission (EEOC) announced a new nationwide procedure? providing for the release of respondent position statements and nonconfidential attachments to charging...more

The EEOC’s New One-Way Street: Providing Position Statements to Charging Parties

Effective February 18, 2016, the U.S. Equal Employment Opportunity Commission (EEOC) will uniformly allow employees bringing unlawful discrimination claims to gain access to the employer’s Position Statement submitted in...more

U.S. must crack down on small but hugely painful patient privacy breaches

Although Americans may live in dread about large-scale data breaches by big corporations, instances in which health care personnel inappropriately peek and tell information from patients’ private medical records can be...more

Confusion Continues Over Medical Identity Theft Victim Rights under HIPAA

In a Nov. 10, 2015 letter, the Chairs and Ranking Members of the Senate Committee on Health, Education, Labor, and Pensions and the Committee on Finance raised concerns with the U.S. Department of Health and Human Services...more

Purchasing Cyber Insurance? Important Considerations from the Recent Nossaman/ UCI Cyber Symposium

On October 12, 2015, Nossaman and UC Irvine hosted a Cyber Symposium at the City Club in Los Angeles. The event included four panels of Nossaman lawyers, UCI professors, and private professionals who are experts in the areas...more

Employee Health Information: Separate and Secure

There are several reasons an employer might have employee health information, ranging from the results of a pre-employment physical to the contents of a request for FMLA leave to what’s written in a health provider’s note...more

Comment period extended for NIST Cybersecurity Practice Guide

The National Institute of Standards and Technology has announced that due to stakeholder feed-back, the period to submit comments for the draft guide, “Securing Electronic Health Records on Mobile Devices” has been extended...more

Jury Clears UCLA Health in Lawsuit Stemming From Improper Access to PHI by Plaintiff’s Romantic Rival

A UCLA employee and patient now has celebrity-level security on her protected health information (PHI) as maintained by the UCLA Health system, but a jury denied her the $1.25 million in emotional distress damages she sought...more

UCLA cleared in lawsuit alleging breach as to sexually transmitted disease information

UCLA was absolved by a California judge last week in a suit filed by a patient of a UCLA affiliated doctor’s group, who alleged that a temporary worker in the doctor’s office used the doctor’s username and password to get...more

UCLA suffers another data breach

Last week, UCLA notified 1242 patients that their health information may have been compromised in July when a faculty member’s laptop was stolen. UCLA has notified the patients, the Office for Civil Rights and the California...more

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

Using Student Medical Records: Department of Education Issues New Guidance

When is it legal and proper for higher education institutions to use student medical records other than for a student's healthcare? In answering that question, institutions have to balance students' privacy interests,...more

Proposed class action case filed against Medical Informatics Engineering

Medical Informatics Engineering, Inc., an electronic medical record service provider, recently disclosed a data breach affecting approximately 4 million individuals. Within days of the disclosure, Medical Informatics was hit...more

Getting More Personal: California Amends Data Security Law

California’s data security statute will get a little more “personal” as of January 1, thanks to a recently-passed amendment revising the definition of covered personal information. On July 14 California expanded the...more

Federal Data Breach Bill Stalled in Congress

A key distinguishing feature of U.S. data privacy laws is their patchwork nature. There are industry-specific data privacy laws at the federal level (think HIPAA or the GLBA), yet there are no comprehensive federal standards...more

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

2015 Data Breach Legislation Six Month Review: Many Proposals, Few Changes

The heat of summer may be upon us, but in Congress and in many state legislatures the attitude toward passing major data breach legislation has considerably cooled. We predicted some months ago that 2015 might be the...more

Advocate Health data breach class action suit dismissal upheld by Appellate Court

In August of 2013, four computers of Advocate Health and Hospitals Corporation (Advocate Health) were stolen from one of its offices. The computers contained the names, dates of birth, Social Security numbers, health...more

FTC and Accretive Health Settle Unfair Business Practice Complaint Centered on Data Security Measures

Accretive Health recently agreed to settle a Federal Trade Commission (FTC) complaint that stems from a July, 2011 incident in which an Accretive employee’s laptop was stolen from his car. As a medical billing and revenue...more

Privacy Monday – July 22, 2013

Privacy gaffes and tidbits to start your week. Keeping up with Kardashians is NOT a defense under HIPAA - The LA Times recently reported the firing of six workers at Cedars-Sinai Medical Center in connection...more

Business Associates Beware

If you haven’t yet caught up with the new HIPAA Omnibus Rule and its consequences for those businesses who are not themselves healthcare providers, but are service providers to healthcare entities (and even further downstream...more

Cord Blood Bank Settles FTC Charges that it Failed to Protect Consumers’ Sensitive Personal Information

On January 28, 2013, CBR Systems, Inc. (CBR) agreed to settle FTC charges that it failed to protect its customers’ personal information, including nearly 300,000 customers’ Social Security numbers and credit and debit card...more

Be Prepared: Redline Version of the HIPAA/HITECH Final Rule

The final rule is significant for any organization that is considered to be a HIPAA covered entity (“CE”) (health systems, health care providers, health plans, etc.) or the more broadly defined business associate (“BA”)....more

26 Results
|
View per page
Page: of 2
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×