Patient record requests can be a significant administrative burden for health care providers. An OCR enforcement initiative and a new federal law give providers more reason to get this process right. We summarize these rules here.
Since the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule became effective in 2003, it
Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant that created, maintained, and complied with
Individuals who serve as a fiduciaries to their company’s retirement plan often feel they may not be sufficiently informed or qualified to make prudent decisions for the plan. They might ask themselves: “How do I know which are prudent investments?” or “What amount of plan fees are ‘reasonable’”? Now, the DOL is requiring plan fiduciaries
In April, we posted about the U.S. Department of Labor’s (DOL) Employee Benefits Security Administration (EBSA) issuing cybersecurity guidance for employee retirement plans. That is, April 14, 2021. Shortly thereafter, the DOL updated its audit inquiries to include probing questions for plan fiduciaries about their compliance with “hot off the press” agency guidelines.
So, what
Globalization, compliance, and the growth in outsourcing have created a myriad of cross-border data transfer scenarios. These scenarios include marketing to and servicing customers, assessing global compliance with diversity and including goals, and outsourcing back office business functions. However, the emergence of far reaching data privacy regulation, such as the EU General Data Protection Regulation
By now, plan fiduciaries and their service providers likely have heard about the DOL’s cybersecurity guidance. The Department of Labor’s stepping into cybersecurity in this way – a posting of best practices on the agency’s website – has left plan fiduciaries with some questions. Here are a few:
On May 12, 2021, the Biden Administration issued an Executive Order on “Improving the Nation’s Cybersecurity” (EO). The EO was in the works prior to the Colonial Pipeline cyberattack, reportedly a ransomware incident that snarled the flow of gas on the east coast for days. Ransomware attacks are nothing new, but they are increasing in
Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA Advisory Council, a 15-member body appointed by the Secretary of Labor to provide guidance on employee benefit plans, shared with the federal
On Tuesday, March 2nd, Virginia Governor Ralph Northam signed into law the Consumer Data Protection Act (CDPA), officially joining California as the second state with a comprehensive consumer privacy law, intended to enhance privacy rights and consumer protection for state residents. We provide an in-depth analysis of the CDPA here, along with
On January 13, House Delegate Sara Love Introduced the “Biometric Identifiers and Biometric Information Privacy Act” (the “Act”) substantially modeled after the Biometric Information Privacy Act in Illinois, 740 ILCS 14 et seq. (the “BIPA”). Enacted in 2008, the Illinois BIPA only recently triggered an avalanche of class actions in Illinois, spurring other