Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
AI tools often drive efficiency and save money, but they have drawbacks. Here’s what to know....more
Are you responsible for privacy compliance at your company? This alert summarizes key takeaways from Paul Rothermel's recent presentation 10 Things You Should Know About Privacy, Consent, and HIPAA...more
As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
On February 14, 2024, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) issued two reports to Congress as required by the Health Information Technology for Economic and Clinical Health...more
The U.S. Department of Health and Human Services ("HHS") issued a concept paper describing its overarching strategy to address healthcare cybersecurity. The concept paper builds on the Biden-Harris Administration's National...more
Key Points - President Biden’s eagerly-awaited executive order (EO) on artificial intelligence (AI) tasks the Department of Health & Human Services (HHS) with promoting responsible AI innovation, development and use,...more
Much is being written about “remote work” – is it productive, will demand for it continue or be curtailed in a recession, is cybersecurity compromised, does it inhibit workplace culture, collaboration, etc. Lots of questions,...more
In Pennsylvania, data breach notification is governed by the Breach of Personal Information Notification Act (“the Act”). Originally codified in 2005, the Act addresses the security of computerized data and the notification...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
Connecticut Governor Ned Lamont recently signed into law “An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses” (Public Act No. 21-119). Under the Act, “covered entities” that implement certain...more
Introduction - The Connecticut legislature recently enacted a pair of new data breach and cybersecurity statutes — Public Act 21-59 and Public Act 21-119 — on June 16 and July 6, respectively. Both laws will take effect on...more
State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy...more
On January 21, 2021, the Department of Health and Human Services (HHS) published proposed modifications to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for...more
A year full of firsts, 2020 introduced a number of new consumer data privacy protection laws. While the California Consumer Privacy Act (CCPA) is one of the most well-known, other states have also adopted their own privacy...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
On January 23, 2020, the United States District Court for the District of Columbia declared sections of the 2013 Omnibus Rule unlawful. The Court found that the Department of Health and Human Services (HHS) impermissibly...more
The U.S. District Court for the District of Columbia has vacated controversial portions of the U.S. Department of Health and Human Service’s (“HHS”) regulations and guidance regarding access and copy fees for third party...more
Privacy issues implicate several Bankruptcy Code sections and Bankruptcy Rules. The debtor must also comply with non-bankruptcy rules concerning privacy to the extent that such rules are not inconsistent with the Bankruptcy...more
Key Takeaways - - Personal information subject to New York’s breach notification law now includes biometric data, online credentials and account numbers (even without a PIN/code if the account could be used without those). ...more
According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. ...more
According to a February 12, 2019 Press Release from Protenus, a developer of analytics for patient privacy monitoring and compliance, 15,085,302 patient records were breached in 2018 – a startling number made even more...more