News & Analysis as of

Personally Identifiable Information Healthcare Breach Notification Rule

Whiteford

Client Alert: What You Need to Know About the FTC’s Changes to the Health Breach Notification Rule and How to Comply

Whiteford on

The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more

Wyrick Robbins Yates & Ponton LLP

Don’t Call It a Breach Rule: FTC Health Breach Notification Rule Has Been Here for Years, Now Updated to Serve as a Backdoor...

As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more

Seyfarth Shaw LLP

Keeping with the Times - FTC Expands Scope of Health Breach Notification Rule, Even as HHS Announces Its Own HIPAA Update

Seyfarth Shaw LLP on

On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more

Sheppard Mullin Richter & Hampton LLP

FTC Looks to Update Health Breach Notification Rule, Targeting Digital Health Industry

The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more

Wyrick Robbins Yates & Ponton LLP

App-etite for Notification: FTC Says “Welcome to the Jungle” to Mobile Health App Developers in Policy Statement on Health Breach...

Last week’s news that the Federal Trade Commission is taking steps to begin rulemaking on consumer privacy and artificial intelligence drew plenty of attention from privacy professionals, and suggests 2022 could be an...more

Sheppard Mullin Richter & Hampton LLP

FTC Warns Digital Health Industry to Comply with its Breach Notification Rule

The use of apps, wearables, and other devices used to track health and wellness data have continued to rise. The FTC again signaled its focus on this growing industry in a statement on the scope of the Health Breach...more

Littler

Recent Amendments to Security Breach Notification Laws Further Complicate Breach Notification for Employers

Littler on

It is not a matter of "if" but "when" an employer will be required to notify employees of a security breach.  Forty-seven states require employers to notify employees when defined categories of personal information, including...more

BakerHostetler

State Data Breach Notification Requirements Specifically Applicable to Insurers

BakerHostetler on

Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised....more

Orrick, Herrington & Sutcliffe LLP

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

Orrick, Herrington & Sutcliffe LLP

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

Troutman Pepper

How to Avoid and Respond to a Cybersecurity Breach

Troutman Pepper on

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

Davis Wright Tremaine LLP

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

Saul Ewing LLP

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

Saul Ewing LLP on

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

BakerHostetler

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

BakerHostetler on

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Cooley LLP

Blog: States Strengthen Laws Addressing Health Information Handling and Breach Response

Cooley LLP on

Connecticut and Oregon were recently added to the increasing list of states adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information. Both states...more

Robinson & Cole LLP

Nevada and North Dakota amend state breach notification laws

Robinson & Cole LLP on

Nevada has amended its breach notification law, effective July 1, 2015, to include a medical or health insurance identification number and a user name, unique identifier, or e-mail address in combination with a password or...more

Mintz - Privacy & Cybersecurity Viewpoints

State Data Breach Notification Law Updates

State legislatures are not waiting for Congressional action on a national data breach notification standard. Montana — Montana has amended its 10-year old breach notification law (see Mintz Matrix) to expand the...more

Davis Wright Tremaine LLP

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

18 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide