Mobile Devices Data Breach

News & Analysis as of

Oregon Health & Science University pays $2.7M penalty for data breaches

Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more

Recent Enforcement Action: Business Associates Not Off the Hook

Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Business Associate Settles HIPAA Investigation for $650,000

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

Bad News for HIPAA Business Associates: HHS OCR Announces $650,000 Settlement for BA Breach

Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more

That is SO last week - October 2015 #4

Last week, the Second Circuit Court of Appeals issued its summary decision in Triple Play Sports Bar and Grille. Affirming the National Labor Relations Board, the Court held that an employee’s Facebook comments about working...more

California Enacts More Sweeping Data Privacy Laws

Perennially leading the country — and challenging companies to keep up — California has, for the third time in three years, enacted several new data laws, including a groundbreaking digital privacy law and amendments to its...more

Alphabet Soup and Data Security

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

Recent Enforcement Shows the Importance of Encrypting Mobile Devices Containing Protected Health Information

With headlines every day announcing another release of Protected Health Information (PHI), providers are asking themselves – is there a way to protect against these breaches? Beyond improving the security of large...more

[Webinar] Mobile Device Management for Health Care Organizations and Vendors - Sept. 10th, 10:00am PDT

In this webinar, we will demystify the HIPAA Security Rule and how to apply the administrative, physical, and technical safeguards in a mobile environment. We will discuss key takeaways from the recently released NIST Draft...more

Back to Basics: Low tech tips to alleviate high tech headaches

It’s easy to get lost in the abyss of technical jargon when discussing Electronically Stored Information (ESI). However, good information governance, which is one of the cornerstones of data privacy and security, doesn’t have...more

Data Security Issues in the Workplace: It’s 10:00 p.m. – Do You Know Where Your Company’s Data Is?

It seems that not a day goes by without another massive data breach incident providing fodder for the morning headlines or the evening news. That should come as no surprise. According to key studies, the average company...more

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

NIST Releases Draft Cybersecurity Practice Guide For Electronic Health Records

On July 22, the National Cybersecurity Center of Excellence (“NCCoE”), a U.S. government organization formed in 2012 within the National Institute of Standards and Technology (“NIST”), released a draft Cybersecurity Practice...more

New NIST Guide Advises Healthcare Companies on Securing Patient Health Information on Mobile Devices

In response to a growing demand for cybersecurity guidance in the health care industry, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence, recently published a...more

NIST Issues Draft Guidance for Mobile Health Data

With health care breaches constantly on the rise, increasing access to electronic health records (EHRs) from mobile devices, and more prevalent “shadow” cloud use, health care organizations are getting a bit of help from the...more

FFIEC Cybersecurity Assessment Tool: Not Just For Financial Institutions

On June 30, 2015, the Federal Financial Institutions Examination Council (FFIEC) released its long anticipated Cybersecurity Assessment Tool (press release here). The FFIEC is a formal interagency organization empowered to...more

Is Creepy Compensable?

A watchful eye can be a good thing. We all want to keep an eye on what’s important. In an increasingly fast-paced world, however, it gets harder. The Internet and advances in mobile technology put so much information at our...more

How Businesses Can Reduce Cyber Risk: Pre and Post Incident: Businesses Need to Take a More Proactive Approach to Reducing What Is...

As the volume of sensitive data that businesses store ever increases, the use of mobile devices continues to grow and cyber villains become ever more sophisticated, it is perhaps of no surprise that we hear about new...more

FINRA settles data breach enforcement action

The Financial Industry Regulatory Authority (FINRA) agreed to settle its enforcement action with Sterne Agee & Leach, Inc. (Sterne) this week for $225,000. The enforcement action followed the loss of an unencrypted laptop by...more

“Bring Your Own Device” To Work Programs: Regulatory and Legal Risks and How To Minimize Them

If you’ve ever left your mobile phone on an airplane, in a restaurant, or somewhere other than in your possession, you know it’s frightening enough to think of losing the device itself, which costs a premium, as well as your...more

Enforcement of the Personal Data Protection Act in Singapore

The Personal Data Protection Commission (the “Commission’) was established in January 2013 to implement and enforce The Personal Data Protection Act 2012 (“PDPA”). The PDPA fully came into force on 2 July 2014. So far, the...more

2014 Mobile Privacy and Security Trends and What to Look for in 2015

Most analysts and commentators agree that 2014 was the year mobile reached a tipping point. With over 1 billion mobile smartphones in circulation, 2014 marked the first year that mobile Internet usage surpassed desktop use in...more

FCC Accepting Comments on ABA Petition to Exempt Data Breach Notification Requirements from the TCPA

On November 6, 2014, the Federal Communications Commission (“FCC”) issued a Public Notice requesting comments on a petition by the American Bankers Association (“ABA”) to exempt informational calls and texts to mobile devices...more

American Bankers Association Asks FCC for Exemption From TCPA Liability

Why it matters - Seeking an exemption from Telephone Consumer Protection Act (TCPA) liability, the American Bankers Association (ABA) filed a petition with the Federal Communications Commission (FCC) to allow financial...more

43 Results
|
View per page
Page: of 2
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×