News & Analysis as of

Protected Health Information Data Protection Data Security

Orrick, Herrington & Sutcliffe LLP

Kentucky enacts technical amendments to the Kentucky Consumer Data Protection Act

On March 15, Kentucky passed HB 473 (the “bill”), which amends the Kentucky Consumer Data Protection Act (the “Act”), whose passage was previously covered by InfoBytes and goes into effect on January 1, 2026. The bill creates...more

Epstein Becker & Green

Proposed Modernization of the HIPAA Security Rules

Epstein Becker & Green on

The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more

Paul Hastings LLP

HHS OCR Releases Proposed Updates to HIPAA Security Rule

Paul Hastings LLP on

On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more

Parker Poe Adams & Bernstein LLP

The Major Developments in 2024 in Cybersecurity and Data Privacy

Companies continue to face a patchwork of state data privacy laws, federal agencies targeted companies' collection of sensitive consumer information, and a handful of states passed artificial intelligence-related regulation...more

Mintz - Health Care Viewpoints

EnforceMintz — Healing Healthcare? DOJ’s Cybersecurity Enforcement Trained Up for 2025

In 2024, the Department of Justice (DOJ) pursued significant enforcement activity under its Civil Cyber-Fraud Initiative (CCFI). As our readers know, the Deputy Attorney General announced the creation of the CCFI in October...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

Quarles & Brady LLP

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Dinsmore & Shohl LLP

Deadline Approaching for Compliance with New HIPAA Reproductive Health Care Privacy Rule

Dinsmore & Shohl LLP on

The deadline for compliance with the Department of Health and Human Services Office of Civil Rights’ (“OCR”) recent update to the HIPAA Privacy Rule is December 22, 2024 -- less than thirty days away. Last spring, OCR...more

Jones Day

New York Imposes Stringent Cybersecurity and Cyber Incident Reporting Obligations on Hospitals

Jones Day on

New York recently passed new cybersecurity regulations for hospitals licensed in New York to enhance patient safety and cybersecurity....more

Dinsmore & Shohl LLP

[Webinar] Don't Be the Next Change Healthcare: How to Avoid a Breach and Prepare Your Response Plan - October 29th, 12:00 pm -...

Dinsmore & Shohl LLP on

During the first half of this webinar, Jen Mitchell, Bryan Murray and Laura Fryan, will focus on practical tips and pointers on avoiding a HIPAA breach and what lessons you can take away from the Change Healthcare breach. ...more

Kelley Drye & Warren LLP

HIPAA Privacy Rule Revisions Address Reproductive Protected Health Information

The Department of Health and Human Services (the ​“HHS”) recently issued a final rule (the ​“Final Rule”) amending the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy Rule. Among other things, the Final...more

Fisher Phillips

Disclosure of Data Through Website Cookies May Be a Data Breach – What A Recent Court Ruling Means for Healthcare Businesses

Fisher Phillips on

A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more

Ballard Spahr LLP

The FTC's Revised Health Breach Notification Rule Is Now in Effect

Ballard Spahr LLP on

The Federal Trade Commission (FTC) continues to enforce and update its Health Breach Notification Rule (HBNR) amidst a fast-changing regulatory environment. A new rule, which took effect this week, expands the scope of the...more

Orrick, Herrington & Sutcliffe LLP

FTC Health Breach Notification Rule Update: 6 Things You Should Know

The Federal Trade Commission (FTC) has updated its Health Breach Notification Rule that applies to non-HIPAA, consumer health data. Among the revisions, the FTC expanded or introduced key definitions and modified the...more

McGuireWoods LLP

Senior Living Alert: HIPAA Security Rule Compliance for Senior Living Facilities

McGuireWoods LLP on

The U.S. Cybersecurity & Infrastructure Security Agency has deemed healthcare entities “target rich, cyber poor,” meaning they have copious amounts of consumer and patient data but often do not have the cybersecurity means to...more

Health Care Compliance Association (HCCA)

[Webinar] Understanding HIPAA De-Identification: Exploring the Mysterious 18th Identifier - August 22nd, 12:00 pm - 1:30 pm CT

Learning Objectives: - Understand the methods for de-identification - Learn about the differences between anonymization, de-identification, and pseudonymization - Understand what “potential for re-identification”...more

Quarles & Brady LLP

Deadline for Employers to Comply with Reproductive Health Care Privacy Changes – Dec. 22, 2024

Quarles & Brady LLP on

In May 2024, the Department of Health and Human Services issued a final rule amending HIPAA’s Privacy Rule to address reproductive health care privacy. The final rule was prompted by the Supreme Court’s 2022 ruling in Dobbs...more

Faegre Drinker Biddle & Reath LLP

FTC Updates Health Breach Notification Rule

On July 1, 2024, the amendments to the Health Breach Notification Rule (HBNR) went into effect. First promulgated in 2009, the HBNR applies to vendors of personal health records — entities that are not covered by the Health...more

Kelley Drye & Warren LLP

What Updates to the Health Breach Notification Rule Mean for Your Business

On July 29, 2024, the FTC’s revised Health Breach Notification Rule (HBNR) takes effect. The Rule requires vendors of personal health records (PHRs) and related entities not covered by HIPAA to notify individuals, the FTC,...more

Quarles & Brady LLP

HHS Tracking Technology Guidance Vacated by Federal Court

Quarles & Brady LLP on

On Thursday, June 20, 2024, a U.S. District Court Judge ruled that the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS”) overstepped its authority to act when issuing its December 2022 bulletin...more

Hogan Lovells

FTC finalizes revised health breach notification rule expanding its scope and updating companies’ obligations

Hogan Lovells on

On May 30, 2024, the FTC published amendments to its Health Breach Notification Rule (“HBNR” or “Rule”) in the Federal Register, memorializing the Rule’s expanded scope that now explicitly includes direct-to-consumer health...more

Vedder Price

FTC Finalizes Broader Changes to the Health Breach Notification Rule

Vedder Price on

On April 26, 2024, the Federal Trade Commission (FTC) announced that it had finalized changes to the Health Breach Notification Rule (HBNR). These changes, which go into effect on June 25, 2024, are intended to modernize...more

Davis Wright Tremaine LLP

Land of 10,000 Data Lakes: Minnesota Consumer Data Privacy Act Signed Into Law

On May 25, 2024, Minnesota Governor Tim Walz signed the Minnesota Consumer Data Privacy Act (the "Act"), which takes effect on July 31, 2025, for most controllers and on July 31, 2029, for certain postsecondary educational...more

McGuireWoods LLP

Ounce of Prevention: Are You Keeping Track of Your Business Associate Agreements’ Requirements?

McGuireWoods LLP on

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Fisher Phillips

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

210 Results
 / 
View per page
Page: of 9

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide