News & Analysis as of

Data Protection Office of Civil Rights

Health Care Compliance Association (HCCA)

Seven Years After Worldwide NotPetya Attacks, OCR Singles Out PA System, Collects Nearly $1M

Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more

Clark Hill PLC

HHS Bulletin on Online Tracking Technologies Declared Unlawful: What Covered Entities and Business Associates Need to Know About...

Clark Hill PLC on

Online tracking technologies are used by healthcare and hospital systems throughout the United States to analyze their website traffic, personalize content, and provide relevant information to website visitors, some of whom...more

Wilson Sonsini Goodrich & Rosati

Texas District Court Vacates OCR's HIPAA Bulletin on Online Tracking Technologies, But Issues Mixed Decision

On June 20, 2024, the United States District Court for the Northern District of Texas ordered the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) to vacate its guidance that had restricted...more

Troutman Pepper

Understanding Regulatory Response Times Following a Cybersecurity Incident - Dear Mary – Incidents + Investigations Cybersecurity...

Troutman Pepper on

‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more

Clark Hill PLC

Right To Know - June 2024, Vol. 18

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Health Care Compliance Association (HCCA)

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - May 2024

Robinson & Cole LLP on

CYBERSECURITY - CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag - In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency...more

Orrick, Herrington & Sutcliffe LLP

Biden Administration Updates HIPAA to Protect the Privacy of Reproductive Health Care

The Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), has issued a final rule updating the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule in an effort to...more

Clark Hill PLC

Right To Know - April 2024, Vol. 16

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

K&L Gates LLP

Health System Cybersecurity Risks: Part One

K&L Gates LLP on

In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving...more

Arnall Golden Gregory LLP

Healthcare Authority Newsletter - March 2024 #3

News Briefs - New HHS Task Force Aims to Oversee AI in Healthcare - Details are emerging on a new HHS task force faced with a monumental task: creating a regulatory structure to oversee utilization of artificial intelligence...more

Wilson Sonsini Goodrich & Rosati

OCR at HHS Updates Guidance on Use of Online Tracking Technology by HIPAA-Regulated Entities

On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health...more

Manatt, Phelps & Phillips, LLP

HIPAA Enforcer Updates Guidelines on Online Tracking Amid Calls for Clarity: Key Takeaways

On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its December 2022 guidance for HIPAA-regulated entities regarding the use of online tracking technologies...more

Katten Muchin Rosenman LLP

OCR Updates Guidance on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates

On March 18, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technologies by covered entities and business associates (regulated...more

Arnall Golden Gregory LLP

Responding to a Third-Party Data Breach: Practical Legal and Compliance Steps

Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...more

Hogan Lovells

Updated OCR guidance does not solve HIPAA’s tracker uncertainty

Hogan Lovells on

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance concerning compliance obligations for HIPAA covered entities and business associates using online tracking...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

Dickinson Wright

How Did They Get My Protected Health Information?

Dickinson Wright on

It is no secret that protected health information (or “PHI”) is more and more at risk for cybersecurity attacks. In 2022 (the most recent year this statistic is available), the Department for Health and Human Services Office...more

Paul Hastings LLP

Data Breaches Exposing Protected Health Information Are Surging

Paul Hastings LLP on

The number of large data breaches, those involving 500 or more people, exposing protected health information has increased exponentially in the last few years, and ransomware and hacking are the primary cyber threats in...more

Quarles & Brady LLP

Never Say Never Again: HHS Signals the Return of HIPAA Audit Program

Quarles & Brady LLP on

On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more

BakerHostetler

HHS Publishes ‘Voluntary’ Healthcare Cybersecurity Performance Goals in Record Time but Leaves Questions Unanswered

BakerHostetler on

As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more

Health Care Compliance Association (HCCA)

‘An Unknown Individual Walked In’: Protecting Against Telehealth Risks Includes Non-IT Threats

The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more

Jackson Lewis P.C.

Downstream Breaches Cause Headaches for Healthcare Providers, as State AG Seeks Law Change to Require AG Notification

Jackson Lewis P.C. on

For healthcare providers and health systems covered by the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), a breach of unsecured protected health information (PHI)...more

Seyfarth Shaw LLP

Cyber Strategy: HHS Weighs in on Cybersecurity in the Healthcare Industry

Seyfarth Shaw LLP on

Seyfarth Synopsis: The health care sector faces escalating cybersecurity risks given its size, technological dependence and the sensitive nature of data used therein. According to the U.S. Department of Health and Human...more

343 Results
 / 
View per page
Page: of 14

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide