What's the Tea in L&E? Can You Share An Employee's Medical Info?
Healthcare Document Retention
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 190: Healthcare Tech and Human Resources with Shannon Frazier, HR Executive Director at Lenovo
The Chartwell Chronicles: Occupational Exposure Claims
Proof in Trial: Appellate Edition: Integra Med Analytics LLC et al. v. Providence Health & Services et al.
Hospice Audit Series | Painting the Picture: How to Advocate for Clinical Hospice Eligibility in the Audit Appeal Process
2022 Resolutions: What Healthcare Practices Need To Tackle In the New Year
Podcast: Are Vaccine Passports the Key to Reopening? - Diagnosing Health Care
Compliance Perspective: What's New in Healthcare Privacy
Workers' Compensation Academy: The Smoking Gun: Importance of Investigation in Insurance & Workers’ Compensation
From NC State to Changing the State of Health Information Networks, with Medicom Technologies’ Malcolm Benitz
Protecting Patient Medical Records
Exploring Digitization of Health and Medical Data and Records Part Two
Patient Records Requests: What You Need to Know
Technology in Healthcare
The FBI issued a warning on June 27, 2025, that criminals impersonating healthcare insurers and fraud investigators are sending text messages and emails to healthcare providers and patients to trick them into providing...more
Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more
The Indiana Attorney General Office (OAG) filed a detailed complaint on December 23, 2024 (Complaint) which arose out of the following patient complaint: The OAG received a consumer complaint stating that the consumer had...more
This week’s post covers the period of December 15-20. Here’s what’s happening....more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more
Following a high-profile cyber-attack earlier in the year which impacted the medical data of NHS patients, the English High Court granted Synnovis an interim injunction which prevents the publication of the stolen data. This...more
The revamped Health Breach Notification Rule by the Federal Trade Commission (FTC) took effect on July 29, 2024, expanding consumer privacy protections to the users of online health platforms and health and wellness apps. Our...more
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more
On April 26, 2024, the Federal Trade Commission (FTC) announced a Final Rule that amends the Health Breach Notification Rule (HBNR or Rule) to significantly broaden the FTC’s enforcement power in the area of digital health....more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more
It is not the first time we have written about complaints, OCR settlements, and even jail time following snooping by hospital employees into patient records. For example, as COVID raged, an investigation showed that for...more
Ransomware is a scary term for many business leaders and CISOs who dread being hit with a malware attack that locks up their data and could shut down operations. They expect to find that oddly-worded ransom note advising how...more
Personal information from federal lawmakers and congressional staff members was available on the dark web following a breach of DC Health Link, the health insurance marketplace for Washington, D.C. In an internal memo sent to...more
Report on Patient Privacy 22, no. 10 (October, 2022) - Thirty Democratic senators led by Sen. Patty Murray, D-Wash., have called on HHS to strengthen federal privacy protections under HIPAA to broadly restrict providers...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
Takeaway: The DOJ’s Cyber Fraud Initiative and qui tam actions under the False Claims Act represent signification enforcement mechanisms for cybersecurity contractor compliance. On the eve of 2022, the United States began...more
Report on Patient Privacy 22, no. 5 (May, 2022) - A law firm in Evansville, Indiana, is considering pursuing claims involving a physician who spoke with women at a bar and then allegedly looked up their medical records, the...more
The FTC recently published two new resources for complying with the Health Breach Notification Rule. The Rule requires vendors of personal health records (PHR), PHR-related entities and service providers to these entities, to...more