Further to our discussions of the proposed regulations to implement statutory amendments under the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), we summarize here a proposed changed to the definition of “business associate.” A significant part of the “HIPAA community” (covered entities, business associates and their agents and subcontractors) already
Shredding and Data Destruction Companies – A HIPAA-Covered Entity’s Best Friend
We recently reported here that the Department of Health and Human Services (HHS) is issuing proposed regulations to implement statutory amendments under the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”). These proposed regulations contain a number of important points to think about for HIPAA covered entities (and business associates
HHS to Issue Proposed Regulations Concerning HITECH
The Department of Health and Human Services announced this morning that it will be issuing a notice of proposed rulemaking to begin implementing the recent statutory amendments under the Health Information Technology for Economic and Clinical Health Act (“the HITECH Act”). According to HHS, the proposed regulations (pdf), set to be published July 14, 2010, are designed to strengthen
Alberta Becomes First Canadian Province to Enact Data Breach Notification Law
Effective May 1, 2010, Alberta amended its Personal Information Protection Act (PIPA) to require breach reporting and notification requirements. U.S. businesses with a presence in Alberta should take note of the new law as it is a bit different than most of the state data breach notification laws in the United States.
PIPA governs the collection, use
Does Your “Cyber” or “Data Breach” Insurance Cover What You Think It Does?
As companies struggle with the risks and exposures related to data breaches, insurance can be an important part of an overall risk management strategy – so long as it is the right insurance.
Insurance carriers are offering products that purport to address this type of risk. Such insurance can be particularly important to businesses for
“Medical Privacy a Fundamental Right” – Five California Hospitals Fined for Failing to Secure that Right
On June 10, 2010, the California Department of Public Health (CDPH) announced issuing administrative penalties and fines totaling $675,000 against five hospitals in the state. CDPH cites the facilities’ failure to prevent unauthorized access to confidential patient medical information as required under new legislation (Section 1280.15 of California’s Health and Safety Code)
Connecticut Attorney General Working on Second HIPAA Breach Investigation
Connecticut Attorney General Richard Blumenthal has commenced an investigation in a second case involving potential HIPAA violations by a worker at Griffin Hospital. This follows the suit commenced against Health Net for HIPAA violations following a data breach. As reported by George Gombossy of ctwatchdog.com, this would be the second time a state
New Challenges for HIPAA Business Associates Under ARRA and HITECH
Have you noticed that negotiating that business associate agreement has gotten a lot more difficult? Many companies that serve health care providers and health plans, generally known as business associates, have noticed. These companies include software vendors, benefits brokers, cloud computing providers, data storage/destruction companies, and accountants, among others.
The clients of these companies are
“Red Flags” Rule FTC Enforcement Deadline Pushed to December 31, 2010
The Federal Trade Commission announced it is further delaying its enforcement of the “Red Flags” Rule through December 31, 2010. This move comes at the request of several Members of Congress who want to further consider legislation that would clarify who is subject to the Rule.
Employers Get Guidance from Ohio Court on “FCRA” Background Check Notice Requirements
FCRA “Fair Credit Reporting Act” Burghy “Dayton Racquet Club, Inc.” FTC “Summary of Rights” “background check” “Pre-Adverse Action”
Continue Reading Employers Get Guidance from Ohio Court on “FCRA” Background Check Notice Requirements