On April 26, 2024, the U.S. Department of Health and Human Services (“HHS”) issued a final rule (the “Final Rule”) along with guidance updating the Health Insurance Portability and Accountability Act (“HIPAA”) regulations at...more
On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more
Many HIPAA covered entities and business associates struggle with developing and implementing a sanctions policy. What should it say, is zero-tolerance required, do we have to impose discipline in every case, etc. These are...more
On February 25th, the Federal Trade Commission (FTC) released its annual Privacy and Data Security Update, which highlights the FTC’s activities during the past year....more
The Federal Trade Commission (FTC) struck a deal with a mortgage broker who revealed personal information about consumers after they posted negative reviews of his service on Yelp....more
The effective date of the new same-day Automated Clearing House (“ACH”) processing window (which would expand the end-of-day deadline to originate same-day transactions by two hours to 4:45 p.m. ET (1:45 p.m. PT)) has been...more
For the first time in 17 years, the FTC is proposing significant increases to the information security standards which apply to those financial institutions that are regulated by the FTC and are not already subject to similar...more
he Federal Trade Commission (FTC) has focused over the course of 2018-2019 on consumer protection, data security, privacy and FinTech issues as part of its review of "Competition and Consumer Protection Issues in the 21st...more
Health care organizations’ lack of compliance with the data privacy and security requirements of both state laws and the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security and Breach Notification...more
In August 2017, the Supreme Court of India passed a judgment in the case of Justice K S Puttuswamy vs Union of India (Supreme Court of India, WRIT PETITION (CIVIL) NO 494 OF 2012), in which fundamental rights, as provided in...more
When the topic of data privacy and cyber security comes up, most people automatically think of data breaches, especially given the high-profile nature of so many of them. Breaches and hacks are certainly an issue about which...more
The Risks of Overpromising and Underperforming - Demonstrating its authority over all things cybersecurity, the Federal Trade Commission (FTC) announced that it has entered into a proposed consent order with Uber for the...more
The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President...more
Now more than ever, workplace wellness programs are becoming increasingly popular among employers. A common concern many employers have is how to design a meaningful workplace program intended to improve the health of...more
Following actions by the Federal Communications Commission (FCC) to suspend the effective date of the FCC’s data security rules, the US Congress—pursuant to the Congressional Review Act—passed a resolution to block the...more