As we reported here, the Senate passed legislation to clarify the application of the "red flag" rules to "creditors." The law, the Red Flag Program Clarification Act of 2010, made its way through the House and, on December 18, 2010, was signed into law by President Barack Obama.
The Act makes clear that the red flag rules apply
CDPH’s data privacy enforcement activity continues, this time affecting 6 hospitals and a nursing home with total penalties approaching $800,000.
Continue Reading California Department of Public Health Continues to Fine Hospitals and Nursing Homes for Data Breaches
We’ve written extensively here on the importance of safeguarding personal information. We’ve also made clear that the safeguarding of data should not stop with individually identifiable personal information. In fact, many times a company’s most sensitive information, data critical to the survival of its business, is its corporate trade secrets, proprietary information, and its clients’
As reported by the American Bar Association and PHIprivacy.net, lawyers, accountants, health care providers and others soon may get some clarity as to whether the "red flag" rules apply to them. The United States Senate voted unanimously to pass the Red Flag Program Clarification Act of 2010. Under the Act, according to statements from Sen.
What had been the first use of the enforcement authority under the HIPAA privacy regulations granted to a State Attorney General, has ended in a settlement agreement between Connecticut’s Insurance Department and Health Net of Connecticut. Under the agreement, Health Net will pay $375,000 in penalties, and it agreed to provide credit monitoring protection for 2 years to all affected persons in Connecticut
“Washington Post” Voxiva “mobile phone”
Continue Reading Doctors’ Orders Through Your Cell Phone?
The folks at Identity Theft 911 remind us of the need to be "smart" about handling smartphones. In a recent post, the company warns that the wealth of data on these devices can substantially expose an individual if his or her device(s) are not purged upon disposal. The same is true, of course, for employers with respect to the phones and
In March 2010, we reported on a decision by the U.S. District Court for the District of New Jersey that allowed an employee’s retaliation claim to proceed to trial under the New Jersey Conscientious Employee Protection Act (“CEPA”) on the ground that he was engaged in protected whistle blowing activity – voicing concerns regarding his employer’s
Federal contractors are subject to numerous requirements under federal law and, as we have previously highlighted here, need to keep pace with changes in law and regulation.
Under the Federal Information Security Management Act of 2002 (FISMA) each federal agency is required to develop, document, and implement an agency-wide program to provide information security
In another favorable decision for companies, the Maine Supreme Court ruled on September 21, 2010 that consumers affected by a data breach could not claim damages from the company unless they suffered uncompensated financial losses or some other tangible injury.
The Maine Supreme Court addressed the following:
In the absence of physical harm or economic loss