All posts by Stephanie Cason

Class Action Following Health Information Data Breach

As we discussed in our previous post, Premera Blue Cross (Premera) recently revealed that it suffered a massive data breach potentially exposing the personal data of 11 million customers.  On Thursday Premera was hit with a proposed class action lawsuit in Washington federal court accusing it of negligence associated with the […]

Another Large Scale Data Breach Announced by Premera Blue Cross

Premera Blue Cross revealed Tuesday it was hit by a sophisticated cyber attack potentially exposing personal data for approximately 11 million of its members including members, employees and others with whom it does business, dating back to as early as 2002.  The insurer said its investigation revealed the initial malware attack occurred on May […]

The Aftermath of the Anthem Breach

On February 4, 2015, Anthem Inc. (“Anthem”) announced a data breach involving the personal information of up to 80 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack.  According to Anthem, the information involved in the data breach included: names; dates of birth; social security numbers; health care […]

HHS to Address Lack of Clarity Regarding Mobile Health

A letter from the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights to Rep. Peter DeFazio (D-Ore.) signals an intent to move forward with providing clearer regulatory guidance relating to the Health Insurance Portability and Accountability Act (HIPAA) rules addressing mobile health app developers.  The letter, […]

23andMe Advances Its Goal of Creating Commercialized Database from Consumer Genetic Testing

On January 12, 23andMe announced an agreement with Pfizer to provide the drug company with access to anonymous, aggregated information from consumers who bought 23andMe’s test over the past seven years to learn about their own genetic history.  This furthers 23andMe’s plan to become a repository for human genetic makeup […]

Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected health information of nearly 4,000 patients and employees.  In May 2012, a physician’s laptop was stolen from his desk at […]

Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach of confidentiality against medical providers who unlawfully exposed their protected health information (PHI).  In an opinion released this […]

FDA Cybersecurity Workshop for Healthcare

On October 21-22 the U.S. Food and Drug Administration (FDA), in collaboration with the U.S. Departments of Health and Human Services and Homeland Security, conducted a public workshop entitled “Collaborative Approaches for Medical Device and Healthcare Cybersecurity.”  The FDA held this public workshop in order to bring together stakeholders in […]

FDA Issues Final Cybersecurity Guidance for Medical Devices

On October 1 the US Food and Drug Administration (FDA) issued final guidance regarding cybersecurity for medical devices. The FDA guidelines urge device manufacturers to include safety controls on devices to prevent cyber threats and recommend manufacturers outline the necessary steps that will be taken if their devices are found to […]

AMA Call for Electronic Health Record Systems Improvements

On September 16, the American Medical Association (AMA) released a new framework intended to improve the development and integration of Electronic Health Record (EHR) systems. While the AMA recognizes the potential value of EHRs, it notes that adoption and effective use has been slow due, in large part, to poor optimization […]