News & Analysis as of

Breach Notification Rule Data Privacy

Wiley Rein LLP

What to Expect from New FTC Leadership on Digital Health Care

Wiley Rein LLP on

Digital health care companies have navigated a wave of new developments at the Federal Trade Commission (FTC) over the past few years. With new leadership in the Trump Administration, the FTC may be poised to change some of...more

BCLP

Cyber - More Than Just Breach Response

BCLP on

The vast majority of commentary and public advice concerning data breaches surround, deservedly, the breach itself. This focus is only natural; it is the breach itself that requires victims to bring enormous resources to bear...more

Sands Anderson PC

Who’s Responsible When a Third-Party Vendor Is Compromised?

Sands Anderson PC on

Recently, we had the opportunity to advise some clients who worked with a third-party vendor that maintained custody of personal information pertaining to our clients’ respective end users.  The vendor suffered a data breach...more

Dickinson Wright

‘Security! Security!’ HHS Proposes Updates to HIPAA’s Security Rule

Dickinson Wright on

Can you remember healthcare security 20+ years ago? It seems like a different world from now. Believe it or not, the HIPAA Security Rule has barely changed since it was first enacted in 2003 and has been long overdue for a...more

DLA Piper

Thailand: PDPC’s Clarification on Personal Data Breach Notification

DLA Piper on

Since the full implementation of Thailand’s Personal Data Protection Act (PDPA) in June 2022, the Personal Data Protection Committee (PDPC) has been instrumental in shaping the nation’s data protection framework. ...more

McCarter & English, LLP

Season of Enforcement: OCR Announces Its Sixth Enforcement Action of 2025

With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Constangy, Brooks, Smith & Prophete, LLP

Constangy’s 10 must-read articles of 2024

As we welcome 2025, here are 10 must-read Constangy bulletins and blog posts from 2024, highlighting insights that guided our readers through important legal developments, workplace issues, and the challenges in cybersecurity...more

Jackson Lewis P.C.

2024 Wrap-Up of the Workplace Privacy, Data Management & Security Report

Jackson Lewis P.C. on

As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular topics and posts from 2024. Expanding State Privacy Laws- This year saw a...more

Mayer Brown

New York Gives Businesses a Package of Six New Consumer Data Protection Laws to Unwrap During the Holiday Season

Mayer Brown on

On December 21, 2024, while many Americans were busy signing holiday cards and exchanging gifts, New York Governor Kathy Hochul was signing six significant pieces of legislation aimed at enhancing online safety and...more

Health Care Compliance Association (HCCA)

Disclosure of Full Record to Employer Results in $35K Fine, Broad CAP; Echoes of 2017 HIV Case

It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more

Ropes & Gray LLP

Key Privacy and Cybersecurity Watchdogs Make Their Naughty Lists

Ropes & Gray LLP on

Although 2024 saw several states enact comprehensive privacy legislation, another year is nearly gone, and we still do not have a comprehensive federal privacy law to resolve the rapidly evolving patchworks of state laws....more

Wilson Sonsini Goodrich & Rosati

New EU Cybersecurity Obligations for Connected Devices: What You Need to Know

On October 10, 2024, the European Union officially adopted the Cyber Resilience Act (CRA), which introduces cybersecurity obligations for internet-connected hardware and software products offered in the EU (such as...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

Troutman Pepper Locke

Notifying Law Enforcement of Security Incidents - Dear Mary – Incidents + Investigations Cybersecurity Advice Column

Troutman Pepper Locke on

“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – August 2024

Alston & Bird on

Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more

Clark Hill PLC

Right To Know - August 2024, Vol. 20

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Alston & Bird

FTC’s Updated Health Breach Notification Rule Now in Effect

Alston & Bird on

The revamped Health Breach Notification Rule by the Federal Trade Commission (FTC) took effect on July 29, 2024, expanding consumer privacy protections to the users of online health platforms and health and wellness apps. Our...more

Seyfarth Shaw LLP

Malaysian Parliament Passes the Personal Data Protection (Amendment) Bill 2024

Seyfarth Shaw LLP on

The Personal Data Protection (Amendment) Bill 2024 (“PDPB”) was at last passed by the Malaysian Parliament at the end of July. After Royal Assent and publishing, it will become law (on a date to be determined by the Minister...more

Ballard Spahr LLP

The FTC's Revised Health Breach Notification Rule Is Now in Effect

Ballard Spahr LLP on

The Federal Trade Commission (FTC) continues to enforce and update its Health Breach Notification Rule (HBNR) amidst a fast-changing regulatory environment. A new rule, which took effect this week, expands the scope of the...more

Orrick, Herrington & Sutcliffe LLP

FTC Health Breach Notification Rule Update: 6 Things You Should Know

The Federal Trade Commission (FTC) has updated its Health Breach Notification Rule that applies to non-HIPAA, consumer health data. Among the revisions, the FTC expanded or introduced key definitions and modified the...more

Troutman Pepper Locke

Understanding Breach Notification Obligations Under California Law: What Does the CCPA Require? - Dear Mary – Incidents +...

Troutman Pepper Locke on

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Health Care Compliance Association (HCCA)

OCR: Rule Halts Disclosures Under ‘Presumption of Lawfulness,’ Shares Model Attestation Form

Attestations are at the heart of permissible disclosures under the HHS Office for Civil Rights’ (OCR) new reproductive health privacy rule—and OCR wants covered entities (CEs) and business associates (BA) to use them now. The...more

Faegre Drinker Biddle & Reath LLP

FTC Updates Health Breach Notification Rule

On July 1, 2024, the amendments to the Health Breach Notification Rule (HBNR) went into effect. First promulgated in 2009, the HBNR applies to vendors of personal health records — entities that are not covered by the Health...more

Kelley Drye & Warren LLP

What Updates to the Health Breach Notification Rule Mean for Your Business

On July 29, 2024, the FTC’s revised Health Breach Notification Rule (HBNR) takes effect. The Rule requires vendors of personal health records (PHRs) and related entities not covered by HIPAA to notify individuals, the FTC,...more

128 Results
 / 
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide