New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
A lot is changing across the healthcare landscape, as fast-paced developments in technology allow providers and clinics to see more patients virtually and harness the power of big data to better visualize healthcare trends....more
In early January, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking. The Proposed Rule would modify the Security Standards for the Protection of...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
Updates to the Health Insurance Portability and Accountability Act Security Rule (“HIPAA Security Rule”) are planned for Spring 2024. New guidance from The Department of Health and Human Services (“HHS”) via a recently...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
The Department of Health and Human Services (“HHS”) has issued a formal request for information from the public about how regulated entities are implementing industry recognized security practices. The request for information...more
Sponsors of clinical trials in the United States have a regulatory responsibility under 21 CFR Part 312.50 to monitor the progress of clinical studies. Historically, Sponsors performed in-person monitoring visits of every...more
Enforcement Actions - In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more
Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more
War in the Time of Crypto - "In the Russia-Ukraine conflict, which side is crypto helping? Both." Why this is important: The world continues to watch Russia's invasion of Ukraine as it dominates news outlets. An...more
Over the last several months, a minority of states amended their data breach notification statutes or enacted sector-specific breach notification requirements. ...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more
At the close of Connecticut’s 2021 legislative session, a pair of data protection/cybersecurity related bills made their way to Governor Ned Lamont’s desk, while a CCPA-like omnibus privacy law falling one floor vote short. ...more
The state of Virginia might be the next state to enact a privacy law. Senate Bill No. 1392 recently passed the Senate and is likely on its way to Governor Ralph Northam’s desk....more
On January 5, 2020, President Trump signed into law H.R. 7898. This new statute amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Department of Health and Human Services...more
Recently we wrote about two amendments to the California Consumer Privacy Act of 2018 (CCPA) that were awaiting signature on Governor Newsom’s desk: AB 1281 – which extends the one-year exemptions for employee information and...more
On May 22, 2020, the Federal Trade Commission (the “FTC”) published its decennial request for public comment (the “RFC”) on the FTC’s Health Breach Notification Rule (the “HBN Rule”)....more
As was previously written, last fall New York enacted the "Stop Hacks and Improve Electronic Data Security Act" (SHIELD ACT), which required businesses having private information of New York residents to implement a written...more
New York State has enacted S5575, the Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”). This new law amends New York General Business Code 899-aa and adds Section 899-bb to significantly expand consumer...more
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. ...more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
Introduction - The Ohio Data Protection Act comes into effect November 1, 2018. The law is important for business data holders because it grants them a defense if a data breach occurs and the company can prove it had a...more
Groundbreaking. Watershed. Unprecedented. - We have heard the California Consumer Privacy Act of 2018 (CCPA) called all these things and more since its enactment on June 28, ?2018. Our experience to date has confirmed the...more