Last week, the Department of Health and Human Services’ Office for Civil Rights (OCR) provided guidance for HIPAA covered entities and business associates that use or want to use cloud computing services involving protected health information (PHI). Covered entities and business associates seeking cloud services often have many concerns regarding HIPAA compliance, and this
cloud computing
DoD Issues Interim Rule For Contractors on Incident Reporting and Cloud Computing Services
Government contractors have a wide range of unique challenges (find out more about these here), not the least of which is data security. A good example is the interim rule the Department of Defense (DoD) issued last month that implements sections of the National Defense Authorization Act for Fiscal Years 2013 and 2015.…
Fulbright’s Litigation Survey Addresses Privacy in the Age of Social Media and Mobile Devices
Norton Rose Fulbright recently released the results of their 9th annual litigation trends survey. The Fulbright survey reflects information collected from 392 in-house attorneys; including 82% identifying themselves as general counsel and 14% as head of litigation. Additionally, the companies responding to the survey represent virtually all industries, include entities of all sizes, and…
Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?
Is your cloud service provider HIPAA-compliant?
Continue Reading Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?
The White House’s Cybersecuirty Legislative Proposal
Today the White House issued a Cybersecurity Legislative Proposal. The proposed legislation focuses on protecting the American people, the nation’s critical infrastructure, and the federal government’s computers and networks. While legislation of this nature would simplify the breach reporting process for businesses, and overall streamline cybersecurity laws, a number of legislative attempts to do this have previously…
WISPs Beyond Massachusetts
Over the past few months, many businesses, particularly in the Northeast Region, have been focusing on creating a written information security program (WISP) to comply with Massachusetts identity theft regulations that went into effect March 1, 2010. For many, this has been a significant effort, reaching most, if not all, parts of their organizations. However…
FTC Investigates Cloud Computing
Last month, we briefly discussed "cloud computing," along with some issues that should be considered when deciding whether to adopt this new technology. Our post focused on data privacy and security issues.
As reported by Kim Hart, of The Hill’s Technology Blog, a December 9, 2009, Federal Communications Commission filing states that the Federal Trade Commission…
Cloud Computing – Did the City of Los Angeles Make the Right Move?
“Cloud computing” takes many forms, but, fundamentally, it is a computer network system that allows consumers, businesses, and other entities to store data off-site and manage it with third-party-owned software accessed through the Internet. Files and software are stored centrally on a network to which end users can connect to access their files using computers…