News & Analysis as of

Heartbleed Bug Creates Risk for Businesses and Consumers

On April 8, 2014, several news agencies, including the New York Times and CNN, reported the discovery of a vulnerability in a core security protocol used by an estimated two-thirds of the world’s servers. The vulnerability...more

Ever Lost -- or Worse Yet, Had Stolen -- a Smart Phone, Laptop, Tablet, Etc.?

Many of us have been focused on cyber-security, especially in the wake of the recent data breaches over the holidays, among other things. Two Maryland Law Enforcement Officers are leveraging the power of social media and the...more

BYOD (Bring Your Own Device)... *Liability and Data Breach Sold Separately PPT Presentation

A majority of people recently surveyed believe that their cellphone is the first thing that gets noticed about them. With smartphones becoming a part of our identity and the convenience of carrying and using just one device,...more

BYOD (Bring Your Own Device)... *Liability and Data Breach Sold Separately  [Video]

A majority of people recently surveyed believe that their cellphone is the first thing that gets noticed about them. With smartphones becoming a part of our identity and the convenience of carrying and using just one device,...more

FTC Obtains Settlement From Cord Blood Bank In Data Theft Action

On February 5, a federal district court in California approved a settlement recently obtained by the FTC, which (i) requires a California-based firm that operates a cord blood bank to establish a comprehensive information...more

FTC and California Attorney General Issue Reports on Mobile Privacy

The Federal Trade Commission and the California Attorney General have recently published reports focused on mobile privacy. The FTC’s “Mobile Privacy Disclosures” staff report, released on February 1, 2013, followed the...more

The Download - January 2013

In this issue: Heard on the Hill - Congress Updates the Video Privacy Protection Act - Congressional Developments in Mobile Privacy Around the Agencies: - FTC Updates COPPA Rule - Mobile Privacy Still...more

Enough Already: Encrypt Those Portable Devices

The U.S. Federal Trade Commission (FTC) announced on Data Privacy Day (January 28) that it had reached a settlement with a cord blood bank in respect of the loss of nearly 300,000 customers’ personal information. The lost...more

Why Medical Providers Should Take Caution with Sensitive Information, Especially With Mobile Devices

We continue to hear reports of large-scale data breaches that involve the loss or theft of thousands of records containing personally identifiable information of individuals (PII). If such a loss or theft is determined to...more

U.S. Department of Health and Human Services Announces First HIPAA Breach Settlement Involving Fewer than 500 Patients

On January 2, 2013, the U.S. Department of Health and Human Services ("HHS") settled its first case involving the unauthorized disclosure of the electronic protected health information ("ePHI") of fewer than 500 individuals....more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

Health Law Alert: Deficient Data Security On Mobile Devices Leads To First HIPAA Breach Settlement Involving Less Than 500...

On January 2, 2013, the U.S Department of Health and Human Services, Office of Civil Rights (OCR) announced its first HIPAA breach settlement involving less than 500 patients. OCR took action against a hospice provider in...more

First HHS OCR Settlement for HIPAA Breach Involving Less Than 500 Patients Sends Message to Providers

On January 2, 2013, HHS announced that the Hospice of North Idaho (HONI) agreed to pay $50,000 and enter into a Corrective Action Plan (CAP) as part of a settlement involving a breach of unsecured electronic protected health...more

First-Ever HIPAA Settlement Involving Fewer Than 500 Patients Announced

On January 2, 2013, the U.S. Department of Health and Human Services (HHS) announced a settlement with the Hospice of North Idaho (HONI) for potential HIPAA violations....more

OCR Reaches $50,000 Settlement with Hospice for Small Data Breach

Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more

First OCR Settlement Involving a “Small” Breach Focuses on Mobile Device Security

In what is best understood as a follow-up to both the recent settlement with MEEI and the release of its mobile device security guidance, HHS OCR recently released details of a settlement reached with the Hospice of Northern...more

First OCR Resolution for Data Breach Involving Less than 500 Patients: No Breach is “Too Small”

The Department of Health and Human Services, Office for Civil Rights (OCR) reached its first settlement for a breach involving data regarding less than 500 individuals. Under the December 2012 settlement, the Hospice of...more

17 Results
|
View per page
Page: of 1