WSJ reported on November 22, 2013, Google’s push to move Google Glass, a computerized device with an “optical head-mounted display,” into the mainstream by tapping the prescription eyewear market through VSP Global—a nationwide vision benefits provider and maker of frames and lenses. If the speed and immersion of technology over the past few years had… Continue Reading
If your cloud service provider sounds like your local weather reporter – partly cloudy with a chance of rain – you may be in for a data security storm. A USA Today guest essay by Rajiv Gupta highlights the need for a multi-layered approach for cloud providers to ensure data stored in the cloud is secure, something… Continue Reading
According to testimony before the House Committee on Science, Space, and Technology and warnings from IT security experts, individuals using the federal government’s website to obtain health coverage through the Exchange are likely putting the security of their sensitive personal information at significant risk. Reports about the cost of the federal website vary, but based on… Continue Reading
Written by Lillian Moon The Florida Senate is considering joining a multitude of states which have banned employers from requesting or requiring access to current or prospective employees’ social media accounts. Senate Bill SB198, entitled “An Act Relating to Social Media Privacy,” would prohibit employers from requiring or requesting access to employee or applicant social… Continue Reading
Jackson Lewis Special Report on Social Media in the Workplace.
The Driver’s Privacy Protection Act ("DPPA"), 18 U.S.C. Section 2721, et seq, was enacted by Congress in 1994 after the highly-publicized murder of actress Rebecca Schaeffer by a stalker who obtained her unlisted address from the California Department of Motor Vehicles. ("DMV"). The Act restricts state DMVs from disclosing personal information contained in motor vehicle records except… Continue Reading
North Dakota has amended its data breach notification law to include "medical information" and "health insurance information." See N.D. Century Code, Section 51-30-01. Amendments to the law also provide an exemption for HIPAA covered entities, business associates, or subcontractors so long as they are in compliance with breach notification requirements under title 45, Code of Federal Regulations,… Continue Reading
Today, the Centers for Medicare and Medicaid Services (CMS) requested an "emergency review" of its recently proposed rule that "[Federally-facilitated Exchanges or FFEs], non-Exchange entities associated with FFEs, and State Exchanges must report all privacy and security incidents and breaches to HHS within one hour of discovering the incident or breach." We reported on the proposed… Continue Reading
Click on the link in this post for high-level compliance roadmap concerning the Omnibus Privacy Rule under HIPAA and HITECH for covered plans, providers and business associates.
It seems more companies are considering whether to purchase or enhance their cyber or data breach insurance coverage. In recent years, these offerings have expanded giving businesses more choice, and perhaps so has the need for such coverage given the explosion of access to and transmission of confidential data. What is interesting about this development is the different… Continue Reading
Breach involving software upgrade to online application system leads to allegations of HIPAA privacy and security failures, and a $1.7 million settlement payment to HHS.
Texas amends its data breach notification statute and the law’s effects on persons out of state.
California Attorney General issues data breach report and announces enforcement priority to investigate breaches involving unencrypted personal information.
Are you a “non-Exchange entity” with respect to the healthcare exchanges coming later this year? If so you may become subject to a one-hour breach notification mandate.
Privacy and data protection rules of the European Union place a heavy compliance burden on European companies and all foreign companies handling or possessing EU data and the latest proposal under consideration by the European Parliament for a uniform rule is no exception. As reported by L&E Global, the worldwide alliance of premier boutique employment law… Continue Reading
The New York Times recently reported that hackers from China have resumed attacks on U.S. targets, despite efforts by the Obama Administration to curb these intrusions. According to the article and a report by a security company, Mandiant, hackers from China have been behind… scores of thefts of intellectual property and government documents over the past five… Continue Reading
University’s $400,000 payment to HHS to settle HIPAA compliance allegations highlights critical role of risk assessments, and need for security policies and procedures.
Add New Mexico to the list of states with social medica privacy laws
New Tennessee law requires destruction of certain PHI following medical malpractice litigation
New Utah law requires health care providers to update HIPAA Notice of Privacy Practices by July 1, 2013.
Health care practices and businesses generally need to be more careful when responding to requests for medical and other sensitive personal information.
Will NY’s highest court allow patients to sue medical practices for fiduciary duty breaches when their non-physician employees disclose confidential medical records?
With all of the recent discussion about working from home, Cliff Atlas, Co-Chair of the Jackson Lewis Non-competes and Protection against Unfair Competition Practice Group, has posted an article about Protecting Trade Secrets with a Mobile Workforce and Telecommuters. Check it out.
President Obama issues executive order on cybersecurity