For years, many questioned whether the HIPAA privacy and security rules would be enforced. The agency responsible for enforcement, Health and Human Services’ Office for Civil Rights (OCR), promised it would enforce the rules, but only after a period of “soft” enforcement and compliance assistance. That period appears to be ending. During the first seven months
Joseph J. Lazzarotti
Joseph J. Lazzarotti is a principal in the Tampa, Florida, office of Jackson Lewis P.C. He founded and currently co-leads the firm's Privacy, Data and Cybersecurity practice group, edits the firm’s Privacy Blog, and is a Certified Information Privacy Professional (CIPP) with the International Association of Privacy Professionals. Trained as an employee benefits lawyer, focused on compliance, Joe also is a member of the firm’s Employee Benefits practice group.
In short, his practice focuses on the matrix of laws governing the privacy, security, and management of data, as well as the impact and regulation of social media. He also counsels companies on compliance, fiduciary, taxation, and administrative matters with respect to employee benefit plans.
5 Practice Tips for Law Firms as Data Breach Spotlight Swings Their Way
While data breach incidents affecting the entertainment, retail, healthcare, and financial industries have garnered more attention in past years, the data breach spotlight recently shifted to law firms.
This shift was triggered by media coverage of the breach and leak of the Panama Papers, and by reports that, in 2015, hackers breached the networks…
Facebook’s “Trending” Section and Human Resources Analytics
According to a recent New York Times article, “Facebook scrambled on Monday to respond to a new and startling line of attack: accusations of political bias.” Slate followed with a report that the online social networking giant became the subject of a United States Senate inquiry, with Commerce Committee Chairman John Thune wanting information about…
Check Your Spam Filter, You Might Have Been Selected for a HIPAA Audit!
Yesterday, the federal Office for Civil Rights (OCR) announced Phase 2 of its HIPAA Audit Program (Program). In its announcement, the OCR reports that the Program is underway and provides some helpful FAQs for covered entities and business associates about the Program. Preparation is critical and there are some key points covered entities and business…
Should We Train Our Employees About Good Data Privacy and Security Practices?
Yes! It is the law in more places and circumstances than you suspect.
- Check out our report to learn more, including suggestions for setting up a training program.
Late last year, The Wall Street Journal reported on a survey by the Association of Corporate Counsel (“ACC”) that found “employee error” is the most common reason…
HIPAA Covered Entities Not Responsible For Intercepted Transmission of PHI When Individual Requested Unsecured Transmission, Office for Civil Rights Concludes
Earlier this month, the Office for Civil Rights (OCR) issued guidance on an individual’s right to access the individual’s health information. That an individual has a broad right to access has been recognized in the HIPAA privacy regulations since they became effective in 2003. OCR has found, however, that individuals are facing obstacles to accessing…
President Seeks $19 Billion and Creates a Commission to Address Cybersecurity
President Barack Obama requested $19 billion in his budget for 2017 to address cybersecurity in the United States, $5 billion more than was budgeted for the current year. Today, he issued an Executive Order that will create a commission within the Department of Commerce to be known as the “Commission on Enhancing National Cybersecurity.”
So,…
FTC’s Big Data Report Has Suggestions for the Workplace
Earlier this month, the Federal Trade Commission (“FTC”) issued a report discussing “big data.” The report compiles the agency’s learning from recent seminars and research, including a public workshop held on September 15, 2014. Known best for its role as the federal government’s consumer protection watchdog, the FTC highlights in the report a number…
Employers Can Provide Credit Monitoring and Other Identity Protection Services to Employees Tax-Free BEFORE a Breach Happens, IRS Says
Earlier this year, we reported that the Internal Revenue Service clarified that it would not consider the value of credit monitoring and other identity protection services provided by employers to employees in connection with a data breach to be taxable income to the employees. IRS Announcement 2015-22. In response to comments, the IRS expanded this…
DNC, Bernie Sanders’ Data Breach – Breaches Are Not Just About Social Security Numbers or Payment Cards
Are pundits discussing the personal information allegedly accessed by a campaign staffer for Bernie Sanders? No, not really, and that is the point.
Scheduled to debate tonight at St. Anselm College in Manchester, New Hampshire, Democratic presidential candidates Bernie Sanders and Hillary Clinton are almost certain to joust over an alleged intrusion into Clinton’s voter…