A HealthIT Cybersecurity Toolkit

A recent report from the Mass Digital Health Council includes a cybersecurity toolkit created by MDHC’s Cybersecurity Group of Experts (CGE). The toolkit will enable faster clinical adoption of new digital health products, software and solutions by enhancing access to security needs and requirements and will address:

  • Cybersecurity needs for digital health companies
  • Medical device and software solutions
  • Best practices
  • Available state and national resources and tools

This toolkit should enable healthcare organizations to share experiences and guidance with each other,… More

Presentation: MassTLC Policy and CyberMA Seminar

Attorneys Colin Zick and Chris Hart recently led a Q&A discussion for MassTLC members on new trends in data privacy. Click here to download the slides. Topics included: recent GDPR enforcement actions, the California Consumer Privacy Act, recent changes to the Massachusetts data breach statute and more. More

Data Scraping, at Home and Abroad

Data scraping is a technique where information on one platform is exported onto another.  The practice is widespread and is used for all sort of reasons, like market analysis or advertising.  The kind of information located and extracted is as varied as the kind of information that exists on the internet–which is to say, anything and everything–but where it becomes particularly interesting is when personal information is being scraped.… More

Hospital Fined $85,000 by OCR for Failure to Provide Timely Access to Patient Records

Today, in the first settlement of its kind, the Office for Civil Rights at the U.S. Department of Health and Human Services (“OCR”) announced that Bayfront Health St. Petersburg (“Bayfront”) has paid $85,000 to OCR and has adopted a corrective action plan to settle a potential violation of the right of access provision of the Health Insurance Portability and Accountability Act (HIPAA).  This is also the first enforcement action under OCR’s Right of Access Initiative,… More

Brittan Heller Joins Foley Hoag’s Corporate Social Responsibility Practice as Counsel

Foley Hoag LLP welcomes Brittan Heller as counsel in the firm’s Corporate Social Responsibility practice. She will advise companies on privacy, freedom of expression, content moderation, online harassment, disinformation, civic engagement, cyberhate and hate speech, and online extremism.

“Brittan has structured her extensive career around the intersection of law, human rights and technology,” said Foley Hoag Co-Managing Partner Kenneth Leonetti. “Her prior experience with the U.S.… More

New Cayman Islands Data Protection Law, 2017 Coming into Effect

Investment advisers and managers of private investment funds organized in the Cayman Islands should take note that on September 30, 2019, the Data Protection Law, 2017 (the “DPL”), is set to come into effect.

In general terms, this will bring the Cayman Islands into line with many other countries who have recently enacted enhanced data privacy laws, including the European Union’s GDPR. The DPL is designed to protect individuals’ data and give them greater control over its use.… More

Beyond the Privacy Policy:  Toward Effective Data Governance

Shifting how businesses think about privacy.

Let’s stop thinking about privacy policies alone, and let’s start thinking about data governance plans.

For the ordinary business trying to generate revenue and minimize risk, having to think about data privacy can be both a nuisance and a headache.  Generally, it’s easy to want to think about privacy as something that can be dealt with using minimal resources—by updating a template privacy policy and posting it on a website,… More

Colin Zick and Chris Hart to Speak at MassTLC Policy and CyberMA Seminar

New Trends in Data Privacy: GDPR, CCPA and Beyond

Changes to data privacy laws and regulations continue to happen at a rapid clip. Join Foley Hoag’s Colin Zick and Chris Hart for a question and answer discussion about recent GDPR enforcement actions, the latest status on the California Consumer Privacy Act, recent changes to the Massachusetts data breach statute, and what other changes are in store nationally and internationally in the world of privacy and data security.… More

Countdown to CCPA: Foley Hoag Podcast Series

The passage of the California Consumer Privacy Act (CCPA) was a seismic event in U.S. data privacy law. CCPA has an expansive, rights-based approach to privacy, with national and international ramifications.

Foley Hoag attorneys Colin Zick, Chris Hart, Christina Hioureas, Yoni Bard and Scott Bloomberg present a podcast discussing what you need to know about the CCPA.… More

What Do Pumpkin Spice Lattes and National Cybersecurity Awareness Month Have in Common?

What do pumpkin spice lattes and National Cybersecurity Awareness Month have in common?  Not much, other than both should be top of mind in October, but that doesn’t mean that it’s wrong to think about them both in August.

Held every October, National Cybersecurity Awareness Month is a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online while increasing the resilience of the Nation against cyber threats.  … More