Are you a “non-Exchange entity” with respect to the healthcare exchanges coming later this year? If so you may become subject to a one-hour breach notification mandate.
Continue Reading One Hour Breach Notification Mandate Proposed Regarding Obamacare Health Exchanges
Identity Theft
Colorado Becomes Ninth State to Restrict Use Of Credit Information In Making Employment Decisions
Colorado joins eight other states in restricting employers’ use of credit information in making employment decisions…
Continue Reading Colorado Becomes Ninth State to Restrict Use Of Credit Information In Making Employment Decisions
California Considers Broader and Tougher Data Disclosure Requirements for Use of Customer Personal Information
By Jason C. Gavejian on
Posted in Identity Theft
In the face of increasing incidences of and rising public concern regarding identity theft, the California Legislature is considering a bill with new personal information data disclosure requirements for California businesses and a broad definition of what constitutes personal information.
California Assembly Bill 1291, would require businesses who have customer personal information and have…
New Mexico Joins Other States That Have Passed Social Media Privacy Laws
Add New Mexico to the list of states with social medica privacy laws…
Continue Reading New Mexico Joins Other States That Have Passed Social Media Privacy Laws
Privacy on the Go: California’s Recommendations for Mobile Device/App Privacy and Security
In 2012, California took significant steps to increase privacy protections for users of mobile applications (apps) which involved working with companies such as Amazon, Apple, Facebook, Google, Hewlett-Packard, and Microsoft. In July 2012, the Attorney General created the Privacy Enforcement and Protection Unit, with the mission of protecting the inalienable right to privacy conferred by the…
Start 2013 On The Right Foot – Assess Your Organization’s Information Risk
The $50,000 in penalties that the Office for Civil Rights (OCR) recently imposed on a health care provider in Idaho was due in part to allegations that the HIPAA covered entity had not conducted a risk assessment as required under the HIPAA privacy and security regulations. Of course, HIPAA is not the only law that requires a risk…
Small HIPAA Breach (Affecting Fewer Than 500) Leads to Substantial Penalties
HIPAA data breach affecting 441 patients leads to investigation resulting in $50K in penalties due to alleged lapses in security compliance.
Continue Reading Small HIPAA Breach (Affecting Fewer Than 500) Leads to Substantial Penalties
Connecticut AG Makes Email Address Available to Companies to Report Data Breaches
Connecticut AG prepares for amendments to Connecticut’s data breach law going into effect on Oct. 1, 2012.
Continue Reading Connecticut AG Makes Email Address Available to Companies to Report Data Breaches
Massachusetts Health Care Provider, MEEI, Settles HIPAA Charges Following Stolen Electronic Storage Device
Another reported HIPAA breach results in $1.5 million dollar settlement between HIPAA covered entity and HHS’ Office of Civil Rights…
Continue Reading Massachusetts Health Care Provider, MEEI, Settles HIPAA Charges Following Stolen Electronic Storage Device
New York Tightens Protections on Social Security Numbers
A New York law, effective December 12, 2012, prohibits businesses and other entities from requiring individuals to disclose or furnish their Social Security Numbers for any purpose, subject to certain exceptions.
Continue Reading New York Tightens Protections on Social Security Numbers