Latest Publications

Share:

Three Important Considerations For All Businesses in Light of GDPR

Today, the European General Data Protection Regulation (“GDPR”) takes effect. The GDPR is the most comprehensive and complex privacy regulation currently enacted....more

Hospital Servers Infected with Malware for Over a Year Affect More than 500,000

Malware-infected servers of a Baltimore hospital system, LifeBridge, may have affected more than half a million patient records. LifeBridge reports in a statement on its website that it discovered malware on the servers that...more

DHS Issues Cybersecurity Strategy

The Department of Homeland Security (“DHS”) released its cybersecurity strategy on May 15, 2018. The 35-page document sets forth a plan for managing cybersecurity risks through public and private sector collaboration....more

5/17/2018  /  Cybersecurity , DHS

Uber Catches Break in Data Breach Class Action

Uber suffered a data breach in 2014 resulting in the compromise of more than 50,000 drivers’ personal information, including back account and social security numbers. Drivers brought a class action suit in federal court in...more

GAO Says CMS Must Do More to Protect Medicare Info

In a report released on April 5, 2018, the Government Accountability Office (GAO) concluded that the Centers for Medicare and Medicaid Services (CMS) has not done enough to adequately protect the electronic data of Medicare...more

And Alabama Makes 50

On March 28, Alabama’s governor signed into law a data breach notification law. It is the last state in the country to do so, closely trailing South Dakota. ...more

D.C. Circuit Reins in FCC’s Overbroad TCPA Interpretations

On March 16, a year and a half after hearing oral argument, the D.C. Circuit Court of Appeals issued a long-awaited decision overturning two of the Federal Communications Commission’s (FCC) far-reaching interpretations of the...more

South Dakota is the 49th State to Enact a Breach Notification Law

Yesterday, South Dakota’s Governor signed into law “An Act to provide for the notification related to a breach of certain data and to provide a penalty therefor.” Under the Act, when a “breach of system security” involves...more

The Standing Struggle in Data Breach Litigation Continues

Two courts. Two days. Two different results. On March 7, on remand from the U.S. Court of Appeals for the Eighth Circuit, a federal district court judge in Minnesota granted a motion to dismiss a consumer class action suit...more

Yahoo to Pay $80 Million to Settle Securities Class Action Based on Data Breaches

Yahoo agreed to pay shareholders $80 million to settle a federal securities class action suit, as detailed in the parties’ March 2, 2018 proposed settlement agreement filed with the court. In that suit, the shareholders...more

Welcomed Draft Commentary from the Sedona Conference on BYOD

Many organizations struggle with whether to permit employees to use their own electronic devices (e.g., mobile phones, tablets, laptops) to conduct business on behalf of the organization. In addition to discovery challenges...more

Out-of-Business File Storage Company Paid $100K for Alleged HIPAA Violations

Yesterday, DHHS’s Office for Civil Rights (OCR) announced a $100,000 settlement with a dissolved medical records moving and storage company in Illinois. This is another example of OCR bringing enforcement actions against a...more

$3.5 M OCR Settlement for Five Breaches Affecting Fewer Than 500 Patients Each

Yesterday, OCR announced its $3.5 million settlement with Fresenius Medical Care Holdings (“Fresenius”) to resolve alleged HIPAA violations. While the large settlement figure alone is eye-catching, the underlying facts...more

Connecticut Recognizes New Cause of Action for Breach of Patient/Physician Confidentiality

Based on the decision in a recent Connecticut Supreme Court case, patients may now sue physicians for breaching confidentiality. Previously, Connecticut did not recognize breach of confidentiality as a cause of action. ...more

CMS Clarifies that Texting of Orders is Not Permitted

On December 28, 2017, the Centers for Medicare and Medicaid Services (CMS) issued a Survey and Certification Memorandum (S&C Memo) to clarify CMS’ position that it prohibits physicians and health care providers from texting...more

'Tis the Season: W-2 Phishing Scams Likely to Resurface After the New Year

W-2 phishing season is just a few weeks away. For the past several tax seasons, cyber criminals have duped hundreds of payroll departments into providing W-2 information on their employees, which results in the filing of...more

Feds Warn of Critical Infrastructure Attacks as CT Releases Report on Utility Company Cyber-Readiness

According to Reuters, late on Friday, the Department of Homeland Security ("DHS") and the FBI issued a warning in a report, sent to firms at risk of an attack, that critical infrastructure industries may have been targeted in...more

Legislature Addresses Ransomware Threat With Criminal Penalties

It is fitting that on the first day of Cybersecurity Awareness Month, new legislation takes effect regarding one of the most destructive types of malware. In response to the rapidly increasing rate of computer extortion...more

Protecting Data: Vendors May Be Your Weakest Link

A Verizon Communications vendor misconfigured a cloud server that caused the information of 6 million Verizon customers to be exposed on-line. When a cyber incident or data breach occurs on your vendor’s watch, regardless of...more

Data Breaches Most Expensive For Health Care Industry But Precautionary Measures Can Keep Costs Down

Data breaches have become commonplace in every industry. In health care, however, it costs much more to respond to a data breach than in all other industries in this country, according to the results of a recent IBM-sponsored...more

Information Security and Privacy Group News: Five Things You Can Do to Protect Your Business From a Cyber Attack

On Friday, May 12, 2017, a damaging ransomware attack swept across more than one hundred countries and infected tens of thousands of computers. As is becoming all too common, the hackers transmitted the ransomware via a...more

Information Security and Privacy Group News: Phishing Alert: Employee W-2 Information at Risk

It's happening again. This time last year, there were a substantial number of phishing attacks all over the country targeting employee W-2 information. According to the IRS, phishing and other schemes jeopardizing tax...more

Health Care Group News: OCR Releases New Clarifying Guidance In Response To Orlando Pulse Nightclub Attack

In an emergency, when there is a flurry of activity in a hospital, covered entities often struggle with who they are permitted to release patient information to under HIPAA. On January 11, 2017, the Department of Health and...more

Health Care Group News: Texas District Court Preliminarily Enjoins Partial Enforcement of Section 1557

In May of last year, the United States Department of Health and Human Services ("HHS") enacted regulations implementing Section 1557 of the Affordable Care Act. These regulations aimed to enhance language assistance and...more

Health Care Group News: Section 1557's Nondiscrimination Mandates

Physicians and other health care providers receiving federal funding, including Medicaid but excluding Medicare Part B, are subject to new regulatory requirements implementing Section 1557 of the Affordable Care Act...more

26 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.