Archives: Data Protection

Subscribe to Data Protection RSS Feed

HHS Announces $400,000 HIPAA Settlement with Community Health Center

The Department of Health and Human Services Office of Civil Rights (HHS OCR) recently settled with a notable covered entity – a nonprofit Federally Qualified Community Health Center (FQHC) – over alleged Health Information Portability and Accountability Act (HIPAA) Privacy and Security Rule violations. With the FQHC agreeing to pay $400,000 to HHS and entering … Continue Reading

Ransomware Scandals Rock Hospital Systems; HHS’ Proposed Rule May Help

Hospital systems are on notice for ransomware attacking their health IT systems after three hospital systems are reported to be victims of computer viruses.   In response, one hospital system paid almost $17,000 in Bitcoin to retrieve their EHR, while the other two hospital systems worked off paper records and backup systems for a few days … Continue Reading

Malicious Malware Brings On a Major HIPAA Headache

The United States Department of Health and Human Services (HHS) recently entered into a $750,000 resolution agreement with the University of Washington (UW) following an investigation.  The investigation was prompted by UW reporting a breach of about 90,000 people’s personal health information (PHI) after an employee unknowingly downloaded malicious malware from an email attachment. Similar … Continue Reading

Thinking About Cybersecurity – How to Get Organized & Better Manage Risk

Another month, another round of data breaches – seem like a familiar refrain when healthcare providers, health plans and their counsel think about cybersecurity?  But what if instead we could get organized and manage this growing business risk in a more proactive manner? It sounds like a good idea, but for many counsel, who view … Continue Reading

Anthem Data Breach: A Dramatic Reminder about Data Security

News of the data breach suffered by Anthem continues to dominate the news (here, here, and here for example).  And, further raising the stakes, class action lawsuits from individuals whose information has potentially been compromised are beginning to roll into courthouses across the country (California, Alabama, Indiana, Georgia, California (again), and California (again)).  Because health care data is such a … Continue Reading

Florida’s New Data Breach Notification Law Shortens the Time Period for Reporting Data Breaches

Florida enacted a new data breach reporting law, the Florida Information Protection Act (“FIPA”), which will affect most, if not all, healthcare businesses.  The law became effective the first of this month (July 1, 2014).  The deadline for data breach reporting under FIPA is now 30 days, shortened from 45 days in the previous version … Continue Reading

Best Practice on Data Privacy

 Most organizations would agree that data privacy must be treated as a priority issue, not least because of the financial and reputational consequences of a data breach.  Squire Patton Boggs has a global team of specialists advising clients on local and global data issues. Two members of our team, Tom Zeno and Lindsay Holmes have written a two … Continue Reading
LexBlog