Medical Device Legal News with Sam Bernstein: Episode 10
Drafting Consumer Breach Notices — From a Litigation Perspective - Unauthorized Access Podcast
IP|Trend: Dust up After the Breach
Hot Topics Roundtable for Fund Managers - Cybersecurity, Valuation, and More
Recently, we had the opportunity to advise some clients who worked with a third-party vendor that maintained custody of personal information pertaining to our clients’ respective end users. The vendor suffered a data breach...more
Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular topics and posts from 2024. Expanding State Privacy Laws- This year saw a...more
The New York State Department of Financial Services (NYDFS) and the Attorney General’s office have recently imposed significant fines totalling $11.3 million on Geico and Travelers for data breaches that compromised the...more
Businesses suffering a data breach affecting Pennsylvania residents may have new compliance obligations pursuant to a recent amendment to the Commonwealth's data breach notification law. Earlier this year, Pennsylvania...more
In what may become an annual tradition, Pennsylvania has amended its breach notification law. The new provisions will take effect on September 26, 2024. As a reminder, Pennsylvania changed its law last year to expand the...more
Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more
The FTC recently announced that it had finalized the changes to the Health Breach Notification Rule (HBNR). This is roughly one year later from when the proposed changes were first released and three years later from the...more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
Utah, among other privacy laws it has enacted or modified recently, has also modified its breach notification law. This follows last year’s changes to the law, which among other things codified the state’s Cyber Center....more
Last year proved to be a big year in data protection with U.S. state data protection laws popping up across the country, the FTC updating its guidance and regulations on everything from data breaches and biometric...more
The FTC recently amended the Safeguards Rule to make non-banking institutions such as mortgage brokers, motor vehicle dealers, and payday lenders notify the FTC as soon as possible, and no later than 30 days after discovery,...more
Perkins Coie's Privacy & Security practice maintains this comprehensive chart of state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each...more
The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more
Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more
Pennsylvania recently amended its data breach notification law to expand its definition of personal information and provide for a HIPAA exception. The process for providing notice in the event of a username/email breach has...more
Arizona recently amended its breach notice law to change the regulator notification requirements. Starting this summer, depending on the scope of the incident, the Arizona Department of Homeland Security will need to be...more
The FTC recently published two new resources for complying with the Health Breach Notification Rule. The Rule requires vendors of personal health records (PHR), PHR-related entities and service providers to these entities, to...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
Report on Patient Privacy 20, no. 6 (June 2020): A divided Indiana Court of Appeals has reinstated a patient’s claim that a hospital is vicariously liable for the actions of a medical assistant who accessed the patient’s...more
Australia has started to observe a rise in the number of data breach class actions being investigated and filed, although there has not yet been a successful data breach class action there. A range of factors are at play...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Over the past few weeks, California Republican lawmakers have introduced a new package of legislation called “Your Data, Your Way,” which would expand and strengthen consumer privacy rights beyond what is required by the new...more
With legislative activity last month in Louisiana, South Carolina, Vermont, and Colorado adding to activity in South Dakota, Arizona, Oregon, and Alabama earlier in the year, it appears that 2018 could be a significant year...more
Australia's Data Breach Bill amends the Privacy Act 1988 (Cth) ("Privacy Act") and requires private and public organisations regulated by the Privacy Act to notify affected individuals and the Australian Information...more