News & Analysis as of

Safe Harbors Health Insurance Portability and Accountability Act (HIPAA)

Ogletree, Deakins, Nash, Smoak & Stewart,...

Federal Trade Commission Hashes Out Aggressive Interpretation of Data Anonymization: What You Need to Know

The Federal Trade Commission (FTC) has a long-standing habit of creating legal obligations through blog posts. Recent communications from the FTC by way of its Office of Technology Blog evidence an aggressive expectation...more

Holland & Knight LLP

Substance Use Disorder Confidentiality Regulations Modified to Align with HIPAA

Holland & Knight LLP on

After more than a year since the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) and Substance Abuse and Mental Health Services Administration (SAMHSA) issued the proposed changes to the...more

Bradley Arant Boult Cummings LLP

Florida Bill Proposes Safe Harbor Against Breach Suits to Businesses Maintaining Recognized Cybersecurity Programs

A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more

Faegre Drinker Biddle & Reath LLP

NAIC Privacy Protections Working Group Meets to Discuss New Model Privacy Law

On June 5-6, 2023, the NAIC Privacy Protections (H) Working Group (“PPWG”) held an in-person interim meeting (“session”) to continue its work on drafting a new model privacy law, the Insurance Consumer Privacy Protection...more

Faegre Drinker Biddle & Reath LLP

Navigating Open Enrollment Notice Requirements

Fall open enrollment is upon us, and plan sponsors and administrators are preparing to provide their employees with the required notices related to their health and welfare plans. Notice and disclosure obligations for health...more

Foley & Lardner LLP

State Data Breach Notification Laws - September 2022

Foley & Lardner LLP on

While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more

King & Spalding

Department of Health and Human Services Seeks Input on HIPAA “Safe Harbor”

King & Spalding on

On April 6, 2022, the Department of Health and Human Services Office for Civil Rights (OCR) issued a Request for Information (RFI) to solicit public comments on the implementation of the “safe harbor” under the Health...more

King & Spalding

HHS Seeks Input on HIPAA “Safe Harbor”

King & Spalding on

On April 6, 2022, HHS Office for Civil Rights (OCR) issued a Request for Information (RFI) to solicit public comment on the implementation of the newly-enacted “safe harbor” under the Health Insurance Portability and...more

Wyrick Robbins Yates & Ponton LLP

Any Port in a Storm? OCR Seeks Comments on HIPAA “Safe Harbor” for Recognized Security Practices

Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more

Akin Gump Strauss Hauer & Feld LLP

Connecticut Expands Breach Reporting and Creates Cybersecurity Safe Harbor

On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more

Hogan Lovells

Hold the punitive damages: Connecticut is latest to incentivize implementing cybersecurity frameworks

Hogan Lovells on

Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more

Jackson Lewis P.C.

Money Money Money: How Much Can The Health Plan Surcharge On Unvaccinated Employees Be?

Jackson Lewis P.C. on

In light of the lingering COVID-19 pandemic and its impact on employee productivity and health care expenses, employers are considering imposing a premium surcharge on employees participating in the company’s health plan who...more

Ankura

New Proposed Laws include Safe Harbor when Aligned with NIST Privacy Framework

Ankura on

A new trend in privacy and cybersecurity laws is the introduction of safe harbor clauses for aligning data protection controls to recognized data privacy and cybersecurity frameworks. OHIO HB376: In July 2021, Ohio...more

Sheppard Mullin Richter & Hampton LLP

Connecticut Enacts New Cybersecurity Safe Harbor

Connecticut recently enacted cybersecurity legislation that provides a safe harbor for businesses that implement a written cybersecurity program. Under the legislation, set to go in effect on October 1, 2021, punitive damages...more

Jackson Lewis P.C.

Connecticut Enacts Safe Harbor From Punitive Damages In Data Breach Cases

Jackson Lewis P.C. on

Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from...more

Lowenstein Sandler LLP

States’ Safe Harbor Defense For Data Security Breaches Signals Possible Trend

Lowenstein Sandler LLP on

We are now seeing a potential trend where states are incentivizing companies through the creation of safe harbors to improve their cybersecurity posture, instead of penalizing them after a breach of personal information. Utah...more

Snell & Wilmer

Wellness Program Incentives – New Year, New EEOC Proposed Rules

Snell & Wilmer on

For years we have been trying to understand how the EEOC regulates wellness programs. Although we still do not have a complete picture, we are getting closer with the EEOC’s new Notices of Proposed Rulemaking on wellness...more

BCLP

AB 713 – CCPA’s New De-Identification Amendment is Effective as of January 1 and May Require Operational Changes

BCLP on

Although it received little notice, the CCPA was amended effective January 1, 2021 to clarify and modify the exemption relating to de-identified data, with particular focus on medical data.  Specifically, AB 713 amended the...more

Constangy, Brooks, Smith & Prophete, LLP

What's In Those Proposed Wellness Regs?

Some Q and A. Last week (while I was on vacay), the Equal Employment Opportunity Commission issued proposed regulations on wellness programs and the Americans with Disabilities Act and the Genetic Information...more

BakerHostetler

Compliance and Cybersecurity Best Practices Rewarded with HIPAA Safe Harbor

BakerHostetler on

On January 5, 2021, H.R. 7898 was signed into law with little fanfare, thereby amending the Health Information Technology for Economic and Clinical Health Act. As the healthcare industry continues to serve as one of the top...more

Jackson Lewis P.C.

Wellness Programs And Water Bottles, The EEOC Proposes New Rules Under The ADA And GINA

Jackson Lewis P.C. on

Since 1996, when Congress passed the Health Insurance Portability and Accountability Act (HIPAA), employers have been struggling with whether and to what extent they could offer incentives to employees to participate in...more

Jackson Lewis P.C.

Indiana AG Proposed Regulations Creating Corrective Action Plan Requirement And Cybersecurity Safe Harbor

Jackson Lewis P.C. on

A proposal by Indiana’s Attorney General Curtis Hill on Wednesday would add a significant step in the incident response process for responding to breaches of security affecting Indiana residents. On Wednesday, during a U.S....more

Laner Muchin, Ltd.

EEOC Moves Forward with New Draft Proposed Wellness Program Regulations

Laner Muchin, Ltd. on

Several times over the past few years, we have reported about the challenges wellness programs have faced from the Equal Employment Opportunity Commission (EEOC) and other litigants, as well as how a federal court struck down...more

Foley & Lardner LLP

State Data Breach Notification Laws - September 2020

Foley & Lardner LLP on

While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more

Foley & Lardner LLP

COVID-19: Privacy and Cybersecurity Regulatory and Enforcement Guidance (Update)

Foley & Lardner LLP on

As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more

77 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide