Latest Publications

Share:

CMS Clarifies Text Messaging Prohibition

After a confusing month of contradicting guidance, the Centers for Medicare & Medicaid Services (CMS) issued a memorandum clarifying its position regarding the use of text messaging with patient information between providers....more

Unsealed Qui Tam Alleges Nearly $325 Million in Improper Payments

A recently unsealed qui tam action further demonstrates the growing focus on the propriety of incentive payments made under Medicare and Medicaid's Electronic Health Records (EHR) Incentive Programs. Health care providers...more

Peer Review Not Protected: U.S. Supreme Court Will Not Disturb Florida Decision Limiting the Patient Safety and Quality...

A multi-year discovery dispute regarding the adverse medical incident reports of a Jacksonville, Florida hospital concluded on October 2, 2017 when the United States Supreme Court denied a petition for a writ of certiorari in...more

Maryland and Delaware to Roll Out Changes to Data Breach Laws in 2018

States continue to amend their Data Protection and Breach Notification Requirements. Maryland and Delaware are the most recent states to pass legislation designed to bring additional precision to an organization's...more

What You Need to Do Now: Responding to the Major Cybersecurity Attack Against Organizations

Regardless of whether you have experienced any disruptions to date, you cannot ignore the major global cybersecurity attack that continues to plague organizations. A particularly destructive piece of malicious software, the...more

New York AG Puts Mobile Health App Developers on Notice

New York Attorney General Eric T. Schneiderman announced on Friday that the AG's office reached settlements with three mobile application developers who marketed their apps without possessing sufficient information to back up...more

OCR Examines Hybrid Entity Designation in Latest HIPAA Settlement

On November 22, 2016, the University of Massachusetts Amherst (UMass) agreed to pay $650,000 and enter into a corrective action plan to settle allegations that it violated the HIPAA Privacy and Security Rules in connection...more

Practice Spotlight: Best Practices for Responding to the Threat of Ransomware

Ransomware, a specialized form of malware used for extortion attempts, has been around the internet for more than a decade but now, because of a rash of recent attacks, has moved to the forefront as the most problematic cyber...more

Significant New EU Data Protection Privacy Framework Regulation Approved

On April 14, 2016 the European Parliament approved the European Union General Data Protection Regulation (GDPR), which replaces the EU Data Protection Directive (95/46/EC), the privacy law originally established in 1995. The...more

Important Notice Regarding Amendments to Tennessee's Breach Notification Statute

All companies with Tennessee employees or customers need to revise their data incident policies and procedures. Tennessee has revised their breach notification statute to remove the encryption safe harbor, which previously...more

Are You Ready? New Round of HIPAA Audits Are Underway

On March 21, 2016, the Office for Civil Rights (OCR) formally announced the start of its 2016 Phase 2 Health Insurance Portability and Accountably Act (HIPAA) Audit Program. Unlike Phase 1, in which OCR's 2012 pilot program...more

Ransomware Attack Highlights Importance of Preparation

Hollywood Presbyterian Medical Center in Los Angeles recently paid a $17,000 ransom in bitcoins to a malware hacker who seized control of the hospital's computer systems and demanded money ransom as a condition to returning...more

U.S.-EU Safe Harbor Agreement Reached: Introducing the EU-U.S. Privacy Shield

United States and European Union Commission negotiators announced today that they have reached a political agreement on a new data transfer framework that will replace the Safe Harbor Program, which was invalidated in 2015 by...more

Cyber Attack Information Sharing will Bring Liability Protections to Companies

On December 18, 2015, President Obama signed the 2016 Consolidated Appropriations Act. Included in this must-pass federal funding legislation is the Cybersecurity Act of 2015, which represents the most significant federal...more

Uncertainty Abounds After EU High Court Invalidates EU-U.S. Safe Harbor Framework

On October 6, 2015, the Court of Justice of the European Union declared invalid the more than 15-year-old EU-U.S. Safe Harbor Framework. Thousands of U.S. businesses have complied with, and thus relied upon, the Safe Harbor...more

HIPAA Settlement Regarding Use of Internet Applications

On July 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton, Massachusetts, regarding potential...more

Significant Guidance Released Regarding HIPAA Compliance

The Office of the National Coordinator for Health IT (ONC) released an updated version of the 2011 Guide to Privacy and Security of Electronic Health Information (Guide). The 62-page Guide provides significant guidance to...more

President Obama Signs Several Bills Aimed at Cybersecurity

On December 18, 2014, President Barack Obama signed several significant cybersecurity bills into law. These bills include the Federal Information Security Modernization Act, the Border Patrol Agent Pay Reform Act, the...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

DOL Gives States More Control Over Self-Insured Health Plans

On November 6, 2014, the U.S. Department of Labor, Employee Benefits Security Administration (DOL) published Technical Release 2014-01, which provides technical guidance to States concerning stop-loss insurance. Stop-loss...more

A Recent State Supreme Court Ruling Opens the Door for Breach of Privacy Claims Against Health Care Providers

It has long been established that there was no private right of action with regard to HIPAA. All providers must be aware that state courts are beginning to turn the tide regarding such liability. On November 11, 2014, the...more

$840 Million in Grants From Government Available to Providers

The Centers for Medicare & Medicaid Services (CMS) Innovation Center intends to award $840 million in grants to test methodologies to improve clinical practices and care. CMS's Transforming Clinical Practice Initiative (TCPI)...more

The Effect of California's New Privacy Laws on Your Company

California Governor Jerry Brown signed into law on September 30, three amendments to California's privacy laws of which every business must be aware. The amendments to the Civil Code (i) significantly broaden the scope of...more

Delaware Data Destruction Law Highlights the Necessity of Data Destruction Plans

The list of states requiring the disposal or destruction of personal data is growing, and companies need to respond accordingly by adopting data destruction plans. Delaware recently became the latest in a series of states to...more

Between the "Like" Button and a Hard Place: Understanding the Implications of Hulu's Latest Argument Against User's Privacy...

Companies commonly utilize Facebook as part of their online social media advertising strategy. Companies should revisit this strategy in light of a recent finding in the Northern California U.S. District Court (In re Hulu...more

30 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.