Category:

Privacy & Security

Data Breach Notification Laws: Complex and Lacking Uniformity

Amanda Bogle Executive Editor Loyola University Chicago School of Law, JD 2017   When a data breach occurs in an organization, determining whether there is a duty to notify can get complicated quickly. In investigating a breach, the specific facts of the incident become extremely important, as not every breach will require notification. The residency …
Read more

U.K. Telecommunication Company Levied with Record Fine for Cyber-Attack

Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017   TalkTalk is one of the UK’s fastest growing business to business telecommunication providers that offers a full range of business-grade communications, products and services which include internet, data, voice and mobile. On October 5, 2016, the Information Commissioner’s Office …
Read more

Advocate Settles with OCR for $5.55 Million, Officially the Highest Single HIPAA Violation Settlement to Date

Fannie Fang Executive Editor Loyola University Chicago School of Law, JD 2017   The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently agreed to a settlement with Advocate Health Care Network (Advocate), the largest health systems in the Chicago area. In the settlement, Advocate agreed to pay a sum of …
Read more

FTC Final Order against LabMD – The Intersection of Unfair Practices, Privacy, Security, and Compliance

Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017   The Federal Trade Commission (“FTC”) issued an Opinion and Final Order on July 29, 2016 against LabMD, a now defunct medical testing laboratory, for its lax data security practices that constituted an unfair practice under Section 5 of the …
Read more

Cybersecurity Biggest Risk to Financial System, Regulators Plan to Provide More Oversight

Kaitlin Lavin Executive Editor Loyola University Chicago School of Law, JD 2017   Financial institutions can expect increased oversight and new regulations due to recent cyberattacks and data breaches in banks. Several banks have already reported data breaches this year, and many banks have been rattled by the cyberattacks on SWIFT—the  messaging network connecting the …
Read more

HIPAA Vulnerabilities Highlighted in Oregon Health & Science University Settlement

Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M in Health Law 2017   In 2013, Oregon Health & Science University (“OHSU”), Oregon’s only academic health center, reported numerous breaches of unsecured electronic protected health information (“ePHI”), including two breaches within the span of five months. This led to the Office of Civil …
Read more

OCR To Devote Greater Resources To HIPAA Breaches Affecting Fewer Than 500 Individuals

Christine Bulgozdi Associate Editor Loyola University Chicago School of Law, JD 2018   The Office of Civil Rights (OCR) announced in August that they would be focusing more efforts on investigating breaches of Protected Health Information (PHI) affecting fewer than 500 individuals.  Currently, regional offices investigate all breaches affecting more than 500 individuals, but only …
Read more

Brexit & Privacy Compliance

Ryan Meade Editor-in-Chief Director of Regulatory Compliance Studies at Loyola University Chicago School of Law   Now that the UK referendum has expressed the voters’ preference to leave the European Union, there are some fascinating questions regarding how compliance programs deal with the unwinding.  There is still considerable time to wrestle with these matters since both major …
Read more