The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
Digital Planning Podcast - Interview With Leeza Garber
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Safeguards against Data Security Breaches (Part One)
In today’s healthcare environment, compliance is a defining element of patient care quality, operational integrity, and public trust. Oversight from agencies such as the Office for Civil Rights (OCR), the Centers for Medicare...more
On July 27, 2020, the U.S. Department of Health and Human Services (HHS) announced that it reached a settlement with a Rhode Island nonprofit health system related to the theft of an unencrypted laptop containing its...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps....more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more
Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more
On March 24, 2016, Governor Haslam signed S.B. 2005 which amends Tennessee's data breach notice statute. The amended statute will go into effect on July 1, 2016. The new Tennessee breach notice requirements are triggered by...more
On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more
Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more
Following the investigation of a self-reported data breach involving the loss of an unencrypted laptop containing the protected health information (PHI) of 13,000 individuals, the OCR slammed the New York based biomedical...more
Data encrypted in accordance with the Advanced Encryption Standard (“AES”) gives dentists a “safe harbor” in the event of certain breaches of patient information. However, those relying on Henry Schein’s Dentrix G5 software...more
This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more
Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more
Using the Maryland Consumer Protection Act, Maryland Attorney General Brian Frosh has announced that eye care retailer Visionworks, Inc. has agreed to pay the state of Maryland $100,000 and enhance its security measures...more
On June 30, 2015, the Governor of Connecticut signed into law S.B. 949, “An Act Improving Data Security and Agency Effectiveness." The new law updates Connecticut’s data security laws, including by adding a 90-day hard...more
This month, Governor Chris Christie signed into law a New Jersey bill requiring health insurance carriers (e.g., insurance companies, health service corporations, hospital service corporations, medical service corporations,...more