News & Analysis as of

The Trend of Stricter State Data Breach Laws Continues with Florida

Florida’s new Florida Information Protection Act, Fl. Stat. § 501.171, became effective July 1, 2014. The new law repeals and replaces Florida’s existing data breach notification requirements (Fl. Stat. § 817.5681) with more...more

Data Protection Regulation Proposal Approved by the European Parliament

The European Parliament has finalized its version of the proposed Data Protection Regulation, which would substantially change personal data protection rules in the 31-country European Economic Area. The Parliament’s LIBE...more

The Conflicting Rules on Employee Data Theft

In all jurisdictions the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. 1030, the federal computer crime statute, applies to former employees who steal data from the company computer, but in two federal circuits it does not...more

The Costs of Data Breach

Scott & Scott, LLP attorney, Brian Von Hatten, suggests organizations should take necessary and required measures to safeguard consumer's personally identifiable information (PII) because of the significant risks and...more

Final HIPAA Regulations Impact Group Health Plans

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) sets forth rules to protect the privacy and security of individuals’ health information that is held by “covered entities,” such as group health plans....more

The New Normal: Taking Responsibility for Your Vendors  [Video]

As financial institutions continue to strive for reduced costs and greater efficiencies, they are increasingly turning to third-party vendors to handle a wide variety of tasks, from marketing and sales to payment processing....more

Highlights of the Omnibus HIPAA/HITECH Final Rule

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more

Significant Changes to HIPAA Effective March 26, 2013

The following is a summary of the major changes to HIPAA under the new Final Rule: 1. Breach Notification Standard Lowered — In perhaps the most significant change under the Final Rule, the new regulations considerably...more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

What Do Employers Really Need to Know About the New HIPAA/HITECH Omnibus Final Rule?

The Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act Omnibus Rule, published in the Federal Register Jan. 25, makes many changes to the HIPAA Privacy Rule,...more

UK Data Protection Regulator ICO Flexes Power to Impose Fine - Sony Fined for Data Breach

Introduction - On 24 January 2013, the UK Information Commissioner’s Office (ICO) served Sony Computer Entertainment Europe Limited (“Sony”) with a monetary penalty of £250,000 following a serious breach of data security...more

HHS Publishes Long-Awaited Final Omnibus Rules for HIPAA

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more

Final Regulations Address Privacy and Security of Health Information

The U.S. Department of Health and Human Services (HHS) issued final regulations last week that modify many aspects of the privacy and security rules under the Health Insurance Portability and Accountability Act (HIPAA) and...more

HITECH Omnibus Rule Basics

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

The HIPAA/HITECH Final Rule Has Been Released

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

Boston-Area Hospital to Pay $1.5 Million to Settle HIPAA Violations Over Security Breach

On September 17, 2012, Massachusetts Eye and Ear Infirmary, a Boston area hospital, has agreed to pay $1.5 million to the U.S. Department of Health and Human Services to settle allegations of violations of the HIPAA Security...more

16 Results
|
View per page
Page: of 1