As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
5/17/2024
/ COPPA ,
Covered Entities ,
Data Management ,
Data Protection ,
Fines ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Maryland ,
Minor Children ,
Penalties ,
Personal Data ,
Popular ,
Privacy Laws ,
Safety Standards
Last month, we reported that the United States Senate, Committee on Commerce, Science, and Transportation, conducted a hearing on “Enlisting Big Data in the Fight Against Coronavirus.” Specifically, the Committee focused on...more
As 2020 gets underway, Congress will continue to deliberate on federal privacy legislation in the second session of the 116th Congress. The California Consumer Privacy Protection Act (CCPA) went into effect on January 1, and...more
1/30/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Covered Entities ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Privacy Laws ,
Rulemaking Process ,
State Data Breach Notification Statutes
The short answer is “no”. The CCPA has a specific definition for “service provider” at Section 1798.140(v) – and it also requires a vendor to be bound by a written contract that prohibits it from...more
On June 28, 2018, California passed the California Consumer Privacy Act (CCPA) and then further amended it on September 23, 2018. CCPA breaks new state law privacy ground and imposes consumer protections that are comparable...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more
For our HIPAA-covered entity readers, we have asked these questions before: Have you taken a business associate inventory? Have you undertaken a comprehensive risk assessment as required by HIPAA?...more
Happy autumnal equinox
Home Depot Breach – By the Numbers:
- 56 million cards at risk (compare to Target = 40 million)
- $62 million in estimated costs (compare to Target =$146 million and...more
As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more
2/18/2013
/ Business Associates ,
Cloud Computing ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Employee Retirement Income Security Act (ERISA) ,
Fundraisers ,
HIPAA Omnibus Rule ,
HITECH Act ,
Marketing ,
Notice Requirements ,
OCR ,
PHI ,
Privacy Rule ,
Risk Assessment ,
Subcontractors ,
Training