Monthly Archives: November 2010

Advocacy Groups File FTC Complaint Over Online Consumer Health Sites and Health-Related Marketing

In a complaint filed with the FTC on November 23, four advocacy groups asked for "Investigation, Public Disclosure, Injunction, and Other Relief" against several online health giants, including Google, Microsoft, QualityHealth, WebMD, Yahoo, AOL, HealthCentral, Healthline, and Everyday Health.

The advocacy groups behind this complaint are the Center for Digital Democracy,… More

AMA Adopts Policy on “Professionalism in the Use of Social Media”

The American Medical Association recently published a policy on "Professionalism in the Use of Social Media," in an apparent attempt to address growing concerns about patient confidentiality and privacy in various internet settings.

While the policy mostly consists of "considerations" that physicians should "weigh" when maintaining an online presence (none of which are new or earth-shattering), there was one notable exception — a snitch rule:

"When physicians see content posted by colleagues that appears unprofessional they have a responsibility to bring that content to the attention of the individual,… More

California Department of Public Health Issues Privacy Breach Fines to 8 Health Care Facilities

On November 19, the California Department of Public Health (CDPH) announced that eight health care facilities (mostly hospitals) have been assessed administrative penalties and fines totaling $792,500 after a determination that the facilities failed to prevent unauthorized access to confidential patient medical information.

The fines ranged from a low of $5,000 to a high of $250,000:

Biggs Gridley Memorial Hospital, Gridley, Butte County: The hospital was assessed a $5,000 fine after the facility failed to prevent unauthorized access of one patient’s medical information by two employees on three occasions.…

Restricting Employees’ Internet Conduct May Violate Federal Labor Law

The following post was drafted by my colleagues Rob Fisher and Brian Bialas; although their focus is on the employment law aspects of this issue, the implications for corporate security/privacy policies are significant. In particular, they note that such policies must not prohibit employees from criticizing their employer. Time to check your existing policies on this point.

* * *

The rise of social media websites has created a host of challenges for employers.… More

Connecticut Insurance Commissioner Fines Health Net of Connecticut $375,000 for Information Security Lapses

On November 8, 2010, the Connecticut Insurance Commissioner, Thomas Sullivan announced that the state’s Insurance Department has reached an agreement with Health Net of Connecticut to pay $375,000 in penalties levied for what the Insurance Department characterized as "failures to safeguard the personal information of its members from misuse by third parties." This included what the Insurance Department considered untimely notification of the 2009 loss of a disk drive resulting in the loss of personal health information of approximately 500,000 Connecticut members. … More