The Driver’s Privacy Protection Act ("DPPA"), 18 U.S.C. Section 2721, et seq, was enacted by Congress in 1994 after the highly-publicized murder of actress Rebecca Schaeffer by a stalker who obtained her unlisted address from the California Department of Motor Vehicles. ("DMV"). The Act restricts state DMVs from disclosing personal information contained in motor vehicle records except
Data Security
North Dakota Amends Breach Notification Law to Include Medical Information
By Jackson Lewis P.C. on
Posted in Data Security
North Dakota has amended its data breach notification law to include "medical information" and "health insurance information." See N.D. Century Code, Section 51-30-01. Amendments to the law also provide an exemption for HIPAA covered entities, business associates, or subcontractors so long as they are in compliance with breach notification requirements under title 45, Code of Federal…
CMS Seeks Emergency Review and Approval of its One-Hour Breach Notification Rule for Exchanges
Today, the Centers for Medicare and Medicaid Services (CMS) requested an "emergency review" of its recently proposed rule that "[Federally-facilitated Exchanges or FFEs], non-Exchange entities associated with FFEs, and State Exchanges must report all privacy and security incidents and breaches to HHS within one hour of discovering the incident or breach."
We reported on the …
Check Out Our Webinar Addressing the HIPAA, HITECH Omnibus Regulations
Click on the link in this post for high-level compliance roadmap concerning the Omnibus Privacy Rule under HIPAA and HITECH for covered plans, providers and business associates.
Continue Reading Check Out Our Webinar Addressing the HIPAA, HITECH Omnibus Regulations
Thinking About Cyber, Data Breach Insurance? Have You Assessed Your Needs/Risks?
It seems more companies are considering whether to purchase or enhance their cyber or data breach insurance coverage. In recent years, these offerings have expanded giving businesses more choice, and perhaps so has the need for such coverage given the explosion of access to and transmission of confidential data. What is interesting about this development is the different…
Wellpoint pays $1.7 Million to Settle Potential HIPAA Violations
Breach involving software upgrade to online application system leads to allegations of HIPAA privacy and security failures, and a $1.7 million settlement payment to HHS.
Continue Reading Wellpoint pays $1.7 Million to Settle Potential HIPAA Violations
Texas Amends the Effects of its Data Breach Law on Out-of-State Residents
By Joseph J. Lazzarotti on
Texas amends its data breach notification statute and the law’s effects on persons out of state.
Continue Reading Texas Amends the Effects of its Data Breach Law on Out-of-State Residents
California AG Report Announces Enforcement Priority for Breaches Involving Unencrypted Data
By Joseph J. Lazzarotti on
Posted in Data Security
California Attorney General issues data breach report and announces enforcement priority to investigate breaches involving unencrypted personal information.
Continue Reading California AG Report Announces Enforcement Priority for Breaches Involving Unencrypted Data
One Hour Breach Notification Mandate Proposed Regarding Obamacare Health Exchanges
Are you a “non-Exchange entity” with respect to the healthcare exchanges coming later this year? If so you may become subject to a one-hour breach notification mandate.
Continue Reading One Hour Breach Notification Mandate Proposed Regarding Obamacare Health Exchanges
European Union Stringent Data Security Proposal Will Affect Businesses Worldwide
By Jackson Lewis P.C. on
Posted in Data Security
Privacy and data protection rules of the European Union place a heavy compliance burden on European companies and all foreign companies handling or possessing EU data and the latest proposal under consideration by the European Parliament for a uniform rule is no exception. As reported by L&E Global, the worldwide alliance of premier boutique employment …