Securing All The Things: Cybersecurity, D-Link, and the Expansion of IoT

The internet of things (IoT) holds promise for new ways to interact with and leverage technology; however, ever-expanding connectivity brings increased vulnerability. Addressing security and privacy issues is necessary for the continued growth of the IoT—and, as the U.S. Federal Trade Commission’s case against  D-Link Corporation demonstrates, one of vital interest to regulatory lawmaking bodies as well.

The Need for a Modified Upjohn: Internal Investigations and When to Warn

Compliance programs rely heavily on internal investigations. Yet unlike their counterparts in the in-house counsel’s office, compliance professionals rarely give notice when they are conducting such investigations. Whether compliance professionals have duty to notify individual directors, officers and employees of an internal investigation remains unclear. This lack of clarity leads to confusion with employees and officers regarding the limits of confidentiality, and the compliance officer’s duty of loyalty. A robust ethics and compliance program should therefore take a proactive stance and integrate Upjohn warnings—a standard of corporate counsel, but modified to fit the compliance function—into the internal investigation process.

Insurance Plans and Opioids: Releasing and Raising the Barriers to Prescribe

With the opioid addiction epidemic continuing to rise in the United States, several insurance companies loosened the existing barriers to addiction treatment. Aetna Insurance Company joined Cigna and Anthem in removing key provisions in its insurance plans that require additional authorization prior to providing addiction treatment. At the same time, Cigna proposed to strengthen barriers to physician prescribing of opioids in an attempt to further address the opioid epidemic.

Bose Accused of Blasting Consumer Listening Habits to Third Parties

Global music technology giant and headphone maker, Bose Corporation, has been hit with a class-action lawsuit alleging that Bose collected the listening preferences of the users of its wireless headphones and its companion application without their knowledge and sold that information to third parties. Counsel representing the class filed the complaint in federal court in Chicago, Illinois alleging violations of the Electronic Communications Privacy Act (“ECPA”) and the Illinois-specific Eavesdropping Statute.

Mr. Trump’s Swing at Financial Regulation

During his first 67 days in office, Mr. Trump signed 19 executive orders. One such action designed to roll back regulations from the 2010 Dodd-Frank Act (“Act”) received little to no media attention but may have long lasting ramifications in the financial industry.

Compliance in the Garment Industry: A Closer Look Into Bangladesh’s Factories

Compliance with labor laws is a major component of effectively and efficiently conducting business in the garment industry. Although there are a variety of areas, such as wage and hour compliance and disability compliance, human rights compliance issues are becoming increasingly prominent in recent times—especially in Bangladesh. The garment industry in Bangladesh came under international scrutiny in 2013 after the collapse of the Rana Plaza building, ultimately killing over 1,100 workers. This incident is considered to be one of the worst industrial disasters to ever occur and exposed many serious hazards that were occurring in Bangladeshi factories. Subsequently, some of the largest brands shifted to implement better conditions for workers.

DOJ Joins Whistleblower Suit Against UnitedHealth Group

The United States Department of Justice (“DOJ”) recently intervened in a qui tam action against UnitedHealth Group (“United”) and its subsidiary, UnitedHealthcare Medicare & Retirement, the nation’s largest provider of Medicare Advantage (“MA”) Plans. The suit alleges that United engaged in an “up-coding” scheme to receive higher payments than they should have under MA’s risk adjustment program. Assuming these allegations of United’s false claims are true, then United billed and received hundreds of millions of dollars in improper payments from Medicare.

Golden State Warriors Run Afoul to the Electronic Communications Privacy Act

The 2016 National Basketball Association Champions, the Golden State Warriors, have been accused of wiretapping and listening in to fans’ conversations without consent or knowledge in violation of the Electronic Communications Privacy Act (“ECPA”), also referred to as the Wiretap Act. A new amended complaint alleges the warriors recorded fans’ oral dialogue via a phone application typically used to keep fans up-to-date on team scores, schedules, news, and statistics.

HIPAA Punctuality: Always Insist On It In Your Subordinates

In an unprecedented act, the Office for Civil Rights (OCR) entered into a settlement agreement with Presence Health Network based on the healthcare system’s failure to timely report a breach of unsecured protected health information (PHI). Under the Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA) a covered entity must notify affected individuals, the Department of Health and Human Services (HHS), and the media for breaches affecting 500 people or more. Presence Health will pay $475,000 and implement a corrective action plan (CAP) to address misunderstandings in workforce member roles and responsibilities relating to the notification process.