News & Analysis as of

NAIC Adopts Cybersecurity Bill of Rights

The National Association of Insurance Commissioners (“NAIC”) continued its efforts to advance cybersecurity in the insurance industry when it recently adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights...more

HIPAA and Text Messaging

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

End of Year Issues Impacting Employer Health Plans

With the end of 2015 fast approaching, employers should be aware of certain issues under the Patient Protection and Affordable Care Act (“ACA”), the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and...more

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

Data privacy in the Americas - At a glance

As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Privacy Tuesday – August 2015: Three Bytes for End of Summer

It’s Privacy Tuesday again – and summer is winding down. Here are three bytes of privacy/security information to start your week...more

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

Connecticut Updates its Data Security Laws, Imposing Stringent New Requirements

On June 30, 2015, the Governor of Connecticut signed into law S.B. 949, “An Act Improving Data Security and Agency Effectiveness." The new law updates Connecticut’s data security laws, including by adding a 90-day hard...more

Data Breach Class Actions: Don’t Overlook Standing Defense Just Because Plaintiff Alleges Identity Theft

A New Jersey federal district court recently dismissed the putative class action claims of four plaintiffs against a health care defendant following the theft of two password-protected laptops allegedly containing personal...more

Why You Need a Privacy Policy – Part 2: Avoiding Three Common Fumbles

In Part 1, we covered some basic privacy policy concepts. Here in Part 2, we address three problems associated with privacy policies in practice. 1. You Don’t Have One, But You Really Should - There is no...more

White House Previews Ambitious (if Familiar) Privacy and Cybersecurity Proposals for 2015

On January 20, 2015, President Obama will address Congress with his annual State of the Union report. On Monday, the president spoke at the Federal Trade Commission, providing a “sneak peek” of the privacy and cybersecurity...more

Blog: 23andMe Advances Its Goal of Creating Commercialized Database from Consumer Genetic Testing

On January 12, 23andMe announced an agreement with Pfizer to provide the drug company with access to anonymous, aggregated information from consumers who bought 23andMe’s test over the past seven years to learn about their...more

IP|Trend: It’s Time to Get to Know the Federal Trade Commission [Video]

Like it or not, the Federal Trade Commission (FTC) has injected itself into regulating and monitoring data privacy practices of corporations. Attorneys Seth Northrop and Richard Martinez discuss what this means for companies...more

Final Rule Expands Access to Laboratory Records

On February 6, 2014, the Department of Health and Human Services (HHS) released a Final Rule that amends the Clinical Laboratory Improvement Amendments of 1988 (CLIA) and the Health Insurance Portability and Accountability...more

New Privacy Rule Gives Patients Right To Access Lab Test Reports

On February 6, 2014, the Centers for Medicare and Medicaid Services (CMS) and the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) issued a final rule amending the Clinical Laboratory Improvement...more

Privacy Class Action – Theories of Liability – 2013 Year in Review

One hot area of data privacy litigation over the past several years has been data breach class actions brought under the California Confidentiality of Medical Information Act (“CMIA”), which provides that a person may recover...more

How To Catch-Up in a Revised HIPAA World

The HIPAA final omnibus rule (Omnibus Rule) made sweeping changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules earlier this year. Although the compliance deadline of September 23, 2013 has come...more

On the First Day of Privacy, The OCR Gave to Me...

Welcome to our series, “The 12 Days of Privacy” as we look to “gifts” that may be received this season and some of the big issues ahead …. Day One – - HIPAA 2014 – Where will the Audit Trail Lead? The year 2013...more

HHS Makes Good On Its Promise: Releases HIPAA Guidance For Refill Reminder Programs

As previously reported, HHS announced earlier this month that it would be providing clarification on the HIPAA Privacy Rule as it relates to marketing and prescription refill reminder programs. On September 19, 2013, HHS...more

Privacy Monday – September 16, 2013

Dis-Like! Senator Markey Urges the FTC to Investigate Facebook’s New Policies - As we previously reported, Facebook has proposed a number of revisions to its Data Use Policy and Statement of Rights and...more

51 Results
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.