Christopher Hart, Co-Chair of Foley Hoag’s Privacy and Data Security practice, discusses the data security risks of the present crisis and how to mitigate them in MassTLC’s Virtual Table Top Panel. Click here to listen to the full audio of the program. More
Tag Archives: privacy
U.S. Department of Health and Human Services Office for Civil Rights BULLETIN: HIPAA Privacy and Novel Coronavirus
The coronavirus and Covid-19 are impacting everything and everyone, and certainly health information privacy. Here is a useful summary of health information issues to be mindful of from HHS OCR on HIPAA privacy and the coronavirus/Covid-19. Topics covered in the bulletin include:
- Sharing Patient Information
- Disclosures to Family, Friends, and Others Involved in an Individual’s Care and for Notification
- Disclosures to Prevent a Serious and Imminent Threat
- Disclosures to the Media or Others Not Involved in the Care of the Patient/Notification
For more information on HIPAA and Public Health,… More
What do pumpkin spice lattes and National Cybersecurity Awareness Month have in common? Not much, other than both should be top of mind in October, but that doesn’t mean that it’s wrong to think about them both in August.
Held every October, National Cybersecurity Awareness Month is a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online while increasing the resilience of the Nation against cyber threats. … More
The EU Commission issued today a “Communication to the European Parliament and the Council” which is entitled “Data protection rules as a trust enabler in the EU and beyond- taking stock”, which outlines the current state of EU data protection, with particular focus on the impact of GDPR.
- The implementation of GDPR in the EU
The Commission notes that all EU Member States have updated their national data protection laws except for three (Greece,… More
In early June, the Cyberspace Administration of China released for public comment new draft regulations applicable to the collection of personal information relating to children under 14 by online service providers.
The draft regulations share many of the same structures as those utilized by the Children’s Online Privacy Protection Act (“COPPA”) in the United States:
- online service operators will have to obtain parental consent based on a comprehensive disclosure about the collection,…
Start-up companies know that, when potential investors kick the tires, they will look carefully at the company’s business model and IP portfolio. These days, investors are also likely to look at whether the company is in compliance with privacy and data security laws. Cybersecurity has become increasingly important for business of all sizes. While identity thieves may focus on the target rich environments of large-scale enterprises,… More
The Cost of a Free Press: Allergy Practice Pays $125,000 to Settle Physician’s Disclosure of Patient Information on TV
Allergy Associates of Hartford, P.C. (“Allergy Associates”), has agreed to pay $125,000 to the Office for Civil Rights (“OCR“) at the U.S. Department of Health and Human Services (“HHS”) and to adopt a corrective action plan to settle potential violations of the HIPAA Privacy Rule. Allergy Associates is a health care practice that specializes in treating individuals with allergies, and is comprised of three doctors at four locations across Connecticut.… More
Senator Warner’s White Paper Gives Congress Options for Regulating Social Media and Technology Companies
Senator Mark Warner of Virginia has released a white paper outlining policy proposals for regulating social media and technology companies. The paper has gained significance in recent weeks as pressure builds on Congress to pass federal data privacy legislation. In the wake of Europe’s GDPR and California’s Consumer Privacy Act, industry groups, tech companies, and privacy activists alike have urged Congress to act.… More
On September 23, 2018, California Governor Jerry Brown signed into law SB-1121, a bill that makes several amendments to the Golden State’s landmark Consumer Privacy Act (“CCPA”). California enacted the CCPA in June after legislators reached a last-minute compromise with a group of privacy activists who would have put a more stringent data protection measure on the November ballot. Given the hasty enactment of the law,… More
As if having to deal with all the EU’s Data Protection Authorities wasn’t challenge enough for companies trying to comply with GDPR, the FTC has now asserted that it has a role in GDPR enforcement. In particular, the FTC says it has a role in making sure that US companies live up to the GDPR-related promises that they make. This position came to fruition in a proposed FTC settlement with California-based employment training company,… More