Tag:Privacy & Security
OCR Audits Subject To Phishing Hack
Christine Bulgozdi Associate Editor Loyola University Chicago School of Law, JD 2018 Back in November, the Department of Human Services (HHS) Office of Civil Rights (OCR) released an alert stating that a phishing scam masquerading as an OCR Audit had been spotted being sent out to Health Information Portability and Accountability Act (HIPAA) covered …
Read more
Joint Guidance Confirms the Sharing of Health Information Subject to FTC Regulations, Not Only HIPAA
Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017 On October 22, 2016, the Federal Trade Commission (“FTC”) in collaboration and conjunction with the Department of Health and Human Services’ Office for Civil Rights (“OCR”) released new guidance on key privacy and security considerations for organizations handling health …
Read more
Compliance Spotlight: Ali Gross, UC Los Angeles Health
Alanna J. Kroeker Executive Editor Loyola University Chicago School of Law, JD 2017 Ali Gross is currently a Senior Privacy Analyst at University of California Los Angeles Health (UCLA). Ms. Gross is a 2015 Loyola University Chicago School of Law Graduate where she also completed a health law certificate. Ms. Gross knew she wanted …
Read more
Compliance Spotlight: Adam Solander, Epstein Becker Green
ADAM C. SOLANDER is a Member of Epstein Becker Green’s Health Care and Life Sciences practice, in the firm’s D.C. office. Mr. Solander advises clients on data breach/cybersecurity issues across industry lines, including compliance with HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, and various other federal, state, and business requirements.
The following is an interview with him discussing the unique cybersecurity challenges facing the healthcare sector, and how the industry can move past HIPAA compliance to a more robust definition of privacy and security.
Data Breach Notification Laws: Complex and Lacking Uniformity
Amanda Bogle Executive Editor Loyola University Chicago School of Law, JD 2017 When a data breach occurs in an organization, determining whether there is a duty to notify can get complicated quickly. In investigating a breach, the specific facts of the incident become extremely important, as not every breach will require notification. The residency …
Read more
U.K. Telecommunication Company Levied with Record Fine for Cyber-Attack
Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017 TalkTalk is one of the UK’s fastest growing business to business telecommunication providers that offers a full range of business-grade communications, products and services which include internet, data, voice and mobile. On October 5, 2016, the Information Commissioner’s Office …
Read more
Legislation Involving Disclosure of Data Breaches
Gilbert Carrillo Executive Editor Loyola University Chicago School of Law, JD 2017 Yahoo is just the latest company to have a major cyber security data breach. What is more troubling is how this data breach occurred about 2 years ago and only just now the public is being told about the incident. Was Yahoo …
Read more
FTC Final Order against LabMD – The Intersection of Unfair Practices, Privacy, Security, and Compliance
Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017 The Federal Trade Commission (“FTC”) issued an Opinion and Final Order on July 29, 2016 against LabMD, a now defunct medical testing laboratory, for its lax data security practices that constituted an unfair practice under Section 5 of the …
Read more
Cybersecurity Biggest Risk to Financial System, Regulators Plan to Provide More Oversight
Kaitlin Lavin Executive Editor Loyola University Chicago School of Law, JD 2017 Financial institutions can expect increased oversight and new regulations due to recent cyberattacks and data breaches in banks. Several banks have already reported data breaches this year, and many banks have been rattled by the cyberattacks on SWIFT—the messaging network connecting the …
Read more
OCR To Devote Greater Resources To HIPAA Breaches Affecting Fewer Than 500 Individuals
Christine Bulgozdi Associate Editor Loyola University Chicago School of Law, JD 2018 The Office of Civil Rights (OCR) announced in August that they would be focusing more efforts on investigating breaches of Protected Health Information (PHI) affecting fewer than 500 individuals. Currently, regional offices investigate all breaches affecting more than 500 individuals, but only …
Read more