In a uniquely timed second showing of enforcement authority, the Department of Health and Human Services (HHS) announced on February 24, 2011 a one million dollar settlement with a Massachusetts hospital that allegedly breached patient data. This settlement announcement comes only days after HHS announced a 4.3 million dollar HIPAA Privacy Rule fine. The
security
U.S. Bank Hit with Class Action Suit Alleging Data Breach Cover-Up
Paintball Punks filed a class action suit against U.S. Bank in Hennepin County, Minnesota. The case was subsequently removed on December 6, 2010, to the Minneapolis District Court. In the complaint, Paintball Punks alleges that between August and December 2009 it received 9 orders totaling approximately $11,000, which were fraudulently billed to U.S. Bank-issued cards. The amount…
Federal Agencies Tighten Data Security Screws on Federal Contractors
Federal contractors are subject to numerous requirements under federal law and, as we have previously highlighted here, need to keep pace with changes in law and regulation.
Under the Federal Information Security Management Act of 2002 (FISMA) each federal agency is required to develop, document, and implement an agency-wide program to provide information security …
Peer-To-Peer (P2P) File Sharing Data Breaches Lead to FTC Action
Nearly 100 organizations have been notified by the Federal Trade Commission (“FTC”) that personal information, including sensitive employee and customer data, shared from the organizations’ computer networks is available on peer-to-peer (P2P) file-sharing networks. This, the FTC warned, could be used to commit identity theft or fraud. The notices went to both private and public entities, including …