New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
A lot is changing across the healthcare landscape, as fast-paced developments in technology allow providers and clinics to see more patients virtually and harness the power of big data to better visualize healthcare trends....more
In early January, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking. The Proposed Rule would modify the Security Standards for the Protection of...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
Sponsors of clinical trials in the United States have a regulatory responsibility under 21 CFR Part 312.50 to monitor the progress of clinical studies. Historically, Sponsors performed in-person monitoring visits of every...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
At the close of Connecticut’s 2021 legislative session, a pair of data protection/cybersecurity related bills made their way to Governor Ned Lamont’s desk, while a CCPA-like omnibus privacy law falling one floor vote short. ...more
A year full of firsts, 2020 introduced a number of new consumer data privacy protection laws. While the California Consumer Privacy Act (CCPA) is one of the most well-known, other states have also adopted their own privacy...more
Recently we wrote about two amendments to the California Consumer Privacy Act of 2018 (CCPA) that were awaiting signature on Governor Newsom’s desk: AB 1281 – which extends the one-year exemptions for employee information and...more
On January 1, 2020 California Consumer Privacy Act (“CCPA”) largely came into effect, albeit with several last-minute modifications and a need to promulgate regulations. ...more
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. ...more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
Groundbreaking. Watershed. Unprecedented. - We have heard the California Consumer Privacy Act of 2018 (CCPA) called all these things and more since its enactment on June 28, ?2018. Our experience to date has confirmed the...more
As of February 15, 2018, banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) are required to file their first certification of...more
On Jan. 3, 2018, the Substance Abuse and Mental Health Services Administration (SAMHSA) issued its final rule regarding the Confidentiality of Substance Use Disorder Patient Records Part 2. These changes become effective Feb....more
This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more
The HHS Office for Civil Rights (OCR) announced this week that it has launched the long-anticipated latest round of audits for compliance with the privacy, security, and breach notification provisions of the Health Insurance...more
The National Association of Insurance Commissioners (“NAIC”) continued its efforts to advance cybersecurity in the insurance industry when it recently adopted the Cybersecurity Bill of Rights. The Cybersecurity Bill of Rights...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more
Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more