News & Analysis as of

Connecticut Supreme Court Allows Plaintiffs to Circumvent HIPAA’s No Private Right of Action Clause

In an opinion released on November 11, the Connecticut Supreme Court ruled on whether the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations preempt a common law claim for...more

Connecticut Supreme Court Issues Decision That Could Expand State Law Liability in Data Breach Class Actions for Businesses...

Health care providers have not escaped the recent proliferation of data breach class actions, but plaintiffs generally have been unsuccessful in bringing claims based on the Health Insurance Portability and Accountability Act...more

California Health Care Providers Successfully Ward Off Data Breach Lawsuits

In a pair of recent cases, two California health care providers successfully warded off lawsuits arising from unauthorized data breaches of patient files. These cases illustrate that improper disclosure of electronically...more

Privacy Tuesday – November 2014 – Five Things to Start Your Week

Welcome to Privacy Tuesday – here are five privacy & security bits and bytes to start your week: 1) California AG’s Data Breach Report: Who Is Handling Your Patients’ Confidential Health Information? - The...more

Blog: Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Government Conference Highlights Need for Protecting Health Information

The National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently highlighted the importance of protecting health information at the...more

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

Employee Benefits Developments - September 2014

CASES - Post-Retirement Medical Benefits Under Siege. A recent spike in retiree benefit litigation is evidence of a growing interest among employers in strategies designed to contain, reduce, and eliminate the current...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

Massive Data Breach Affects 4.5 Million Patients in 29 States

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more

Class Action Plaintiffs Look to Fair Credit Reporting Act for Private Relief from Data Breaches Involving Health Information

A recent class action brought against the University of Miami (“University”) previews what could become an emerging trend among plaintiffs’ class action attorneys to seek damages for the unauthorized disclosure of personal...more

Hospital Operator Reports 4.5 Million Patients’ Data Stolen in Cyberattack

The Tennessee-based acute-care hospital chain Community Health Systems, Inc. (CHS), reported on August 18 that information on approximately 4.5 million patients was stolen from the company. CHS is one of the largest hospital...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

It’s No Surprise: Health Care Data Breaches Are on the Rise and So Is Government Enforcement

In This Issue: - The Take-Aways for Covered Entities and Business Associates - For More Information - Excerpt from The Take-Aways for Covered Entities and Business Associates: As a majority of the...more

Even in Privacy Cases, Risk of Injury Does not Always Equal Injury

It’s an ancient conundrum; if a tree falls in the forest, and no one is there to hear it, does it make a sound? Privacy litigation may well offer the closest jurisprudential equivalent; if data is stolen, but no one does...more

California Court Grants Hospital Summary Judgment on Data Breach Claim

In its recent decision in Eisenhower Medical Center v. Superior Court, 226 Cal. App. 4th 430(Cal. App. 4th Dist. 2014), the Court of Appeal of California, Fourth District, had occasion to consider whether a medical facility’s...more

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

157 Results
|
View per page
Page: of 7