News & Analysis as of

Incident Response Plans Data Breach Health Insurance Portability and Accountability Act (HIPAA)

Jackson Lewis P.C.

Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals

Jackson Lewis P.C. on

In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Alston & Bird

New York State Department of Health Revises Proposed Hospital Cybersecurity Regulations

Alston & Bird on

In May 2024, the New York State Department of Health (“NYSDOH”) issued revisions to proposed regulations on hospital cybersecurity that it first released in November 2023. The proposed revised regulations are subject to...more

Spilman Thomas & Battle, PLLC

Decoded - Technology Law Insights, V 5, Issue 5, June 2024

We are pleased to announce that several of the firm’s practice groups and attorneys were recognized in the 2024 edition of Chambers USA, a directory of leading law firms and attorneys. Chambers and Partners annually...more

HaystackID

[Webcast Transcript] From Breach to Insight: Incident Response & PII Recovery

HaystackID on

Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more

Health Care Compliance Association (HCCA)

UHG’s Breach Response May Prove Enlightening for Others

Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more

Patterson Belknap Webb & Tyler LLP

Multistate Coalition of State Attorneys General Secures $49.5 Million from Cloud Company Blackbaud for 2020 Data Breach

State regulators across the country continue to increase their focus on cyber security and data privacy compliance and enforcement. For years, cloud company Blackbaud, a service provider to thousands of nonprofit enterprises,...more

Davis Wright Tremaine LLP

Litigation Preparedness Following a Data Breach: Three Tips to Consider During the Incident Response Period

Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Saul Ewing LLP

Health Care Cybersecurity Continues To Be Relevant

Saul Ewing LLP on

​October was National Cybersecurity Month. As part of its ongoing focus on HIPAA Security Rule awareness and compliance, the Office for Civil Rights (“OCR”) within the Department of Health and Human Services (“HHS”),...more

Health Care Compliance Association (HCCA)

Securing Problematic 'Legacy' Devices: Be Part of Procurement, Push for Info

Report on Patient Privacy 22, no. 3 (March, 2022) - Typically a “legacy” describes the lasting impact of an influential person or movement, most often in a positive sense. Not so with medical devices. When legacy is applied...more

Miles & Stockbridge P.C.

Avoid Turning One Data Breach into Two

When can a data breach get worse? When the process of notifying victims creates a second breach. Take the example of a cancer treatment center that recently paid $425,000 to settle allegations that included a faulty...more

K&L Gates LLP

Health Care Triage: Data Security Breaches in the Health Care Sector

K&L Gates LLP on

Desiree Moore, Gina Bertolini, and Jackie Hoffman discuss the increasing impact of data security incidents and security breaches on the health care sector. They define what qualifies under HIPAA as a protected health...more

Goodwin

DOJ Announces New Initiative to Use False Claims Act to Enforce Compliance with Data Privacy and Security Laws and Contract...

Goodwin on

The Department of Justice recently announced the launch of its new Civil Cyber-Fraud Initiative (the “Initiative”) which intends to use the False Claims Act to pursue “cybersecurity-related fraud by government contractors and...more

BCLP

Data Breach Litigation Preparation: Should Companies Communicate with the Public/Media After a Data Breach?

BCLP on

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - April 2019 #3

Robinson & Cole LLP on

The Department of Homeland Security (DHS) issued a warning on April 15, 2019 entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more

Mitchell, Williams, Selig, Gates & Woodyard,...

The Lawyer's Duty When Client Confidential Information is Hacked From the Law Firm

As attorneys, our livelihood is often heavily dependent upon the keeping of secrets. But in this complex electronic-data driven environment we work in, where physical security via locked doors and piercing alarms may no...more

Epiq

Creating an Information Governance Structure

Epiq on

A well-crafted information governance framework can properly manage valuable data and minimize risk. But not all data protection programs are created equal. Security measures taken by an organization should protect your...more

Burr & Forman

Cyber-Incident – Now What?

Burr & Forman on

In this day in age where a vast amount of information is stored electronically and you can buy almost anything with a “1-click” purchase, it comes as no surprise that cyber incidents are on the rise, especially among...more

Poyner Spruill LLP

Three Lessons From a Hospital Under Ransomware Siege

Poyner Spruill LLP on

Missouri’s Cass Regional Medical Center (CRMC) was recently hit with a ransomware attack. Existing patients continued to receive care, but incoming trauma and stroke patients were diverted to other facilities. The hospital...more

Jaburg Wilk

Everyone is Doing Business Online, and Most People are Doing it Wrong - 5 Practical Steps to Protect Your Customer Data

Jaburg Wilk on

Data breaches are inevitable. 2017 was the “year of the data breach,” with more exposure of personally identifiable information (“PII”) than ever before. If you were one of the 30% of US-based consumers who were notified of a...more

Miles & Stockbridge P.C.

What to Do When You Find Yourself in the Data Breach Club

Miles & Stockbridge P.C. on

In the wake of the latest massive data breach, this one involving Equifax, more and more companies are likely wondering what they should do in the event that they are faced with a data breach that exposes the personal data of...more

BCLP

Healthcare Data Breach Litigation Trends

BCLP on

Companies that have a breach involving PHI worry not only about fines and penalties imposed by HHS, but about class action lawsuits. The risk that a class action lawsuit will lead to financial liability, however, is often...more

Robinson+Cole Data Privacy + Security Insider

OCR Releases “Improved Web Tool” for Breach Reporting

The Office for Civil Rights (OCR) recently issued an “improved web tool that puts important information into the hands of individuals, empowering them to better identify recent breaches of health information and learn how all...more

Womble Bond Dickinson

FTC Provides Nonbinding Materials to Help Businesses Defend Against and Respond to Data Breaches

Womble Bond Dickinson on

On October 25, 2016, the Federal Trade Commission (FTC) released its nonbinding “Data Breach Response” guide with an accompanying blog post and video, all directed to help businesses prepare a data breach response plan. The...more

31 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide