Pixels, cookies, and trackers continue to be front of mind for HIPAA regulated entities seeking clarity on their ability to advertise, market, and engage with existing and prospective patients. On March 18, 2024, the U.S....more
3/21/2024
/ Cybersecurity ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Innovative Technology ,
Privacy Laws ,
Tracking Systems ,
Web Tracking ,
Websites
Editor’s Note: PYA and Foley & Lardner hosted the 6th Annual “Let’s Talk Compliance” two-day Virtual Conference on January 18 and 19, 2024. Panelists included Foley & Lardner attorneys and PYA experts. The event was hosted by...more
Recognizing the evolving landscape of care delivery and growth of telehealth, the U.S. Department of Health and Human Services (HHS) published a resource guide aimed at assisting telehealth providers in explaining the privacy...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The National Institute of Standards and Technology (NIST) has released an initial draft of Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide (Resource...more
On April 4, 2022, the U.S. Department of Health and Human Services (HHS) released a Request for Information (RFI) seeking input from HIPAA-covered entities and business associates on how the industry understands and is...more
The Federal Trade Commission (FTC) just released a Policy Statement emphasizing how telemedicine and digital health apps can be held accountable under the Health Breach Notification Rule, even if the company is not subject to...more
On June 2, 2021, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, published a rare open letter to the corporate executives and business leaders of...more
6/14/2021
/ Corporate Executives ,
Cybersecurity ,
Department of Justice (DOJ) ,
Economic Sanctions ,
Embargo ,
Executive Orders ,
Hackers ,
International Emergency Economic Powers Act (IEEPA) ,
Joe Biden ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Ransomware ,
TWEA
The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more
4/6/2020
/ Business Associates Agreement (BAA) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The National Institute of Standards and Technology (NIST) has announced proposed changes to NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The U.S. Department of Health and Human Services (DHHS) recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). DHHS states that the purpose of the HICP is to:
1. Raise...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
With the news of the newest international ransomware campaign that is currently affecting some organizations within the Health Care sector, it is important to not only educate staff on necessary precautions, but also be aware...more
Businesses have been scrambling since Friday evening when news spread that a ransomware attack named WannaCry is compromising organizations at an alarming rate. In less than 48 hours, it has compromised more than 130,000...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more