Tag Archives: data breach

FTC to Consider Changes to the Health Breach Notification Rule

By Anna D. Kraus and Tara Carrier on Posted in Data Security, Digital Health, FTC
On May 8, 2020, the Federal Trade Commission (“FTC”) issued a notice soliciting public comment regarding whether changes should be made to its Health Breach Notification Rule (the “Rule”).  The request for comment is part of a periodic review process “to ensure that [FTC rules] are keeping pace with changes in the economy, technology, and … Continue Reading

Bar to Data Breach Litigation May Be Dropping; Implications for Digital Health Technologies

By Lily Katharine Hines and Nigel Howard on Posted in Data Security, Health Data, Transactions
At the beginning of August, the D.C. Circuit found that the fact that a data breach has occurred and individual consumer information has been lost may constitute sufficient injury to confer standing on those individual victims at the pleading stage–irrespective of whether any stolen information has been misused. Specifically, Attias, et al. v. CareFirst, Inc., … Continue Reading

Significant HIPAA Fine Follows Business Associate’s Stolen iPhone

By Covington Digital Health Team on Posted in Health Data, HIPAA and Data Privacy, Medical Apps
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently announced a significant settlement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), a business associate under HIPAA, arising from a breach of protected health information (PHI) after the theft of an employee’s iPhone.  The iPhone … Continue Reading

Senators Request Information from HHS About Medical Identity Theft Efforts

By Krysten Rosen Moller on Posted in Cybersecurity, Data Security
Last week, the chairmen and ranking members of the Senate Committee on Health, Education, Labor, and Pensions and the Senate Committee on Finance sent a letter to Andy Slavitt, Acting Administrator for the Centers for Medicare & Medicaid Services (“CMS”), and Jocelyn Samuels, Director of the Health and Human Services (“HHS”) Office for Civil Rights … Continue Reading

Recent HIPAA Settlement Highlights Need to Address Software Risks

By Liza Khan on Posted in Data Security, HIPAA and Data Privacy
On December 2, 2014, the Anchorage Community Mental Health Services (ACMHS) agreed to pay $150,000 under a settlement agreement with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  ACMHS entered the settlement agreement … Continue Reading

HHS Report Details Breaches of PHI, Makes Recommendations

By Paige Jennings and Anna D. Kraus on Posted in Data Security
In its Annual Report to Congress on Breaches of Unsecured Protective Health Information, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reports on both large and small breaches of protected health information (PHI), as well as breach-related settlement agreements and audits.  The Office also recommends steps that covered entities should … Continue Reading

HHS Report Highlights HIPAA Privacy, Security, and Breach Notification Compliance Trends

By Paige Jennings and Anna D. Kraus on Posted in Data Security, HIPAA and Data Privacy
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently released two annual reports regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA) and provisions enacted by the Health Information Technology for Economic and Clinical Health (HITECH) Act.  The reports indicate that HIPAA-related complaints continue to grow annually; however, … Continue Reading
LexBlog