All posts by Stephanie Cason

Another Large Scale Data Breach Announced by Premera Blue Cross

Premera Blue Cross revealed Tuesday it was hit by a sophisticated cyber attack potentially exposing personal data for approximately 11 million of its members including members, employees and others with whom it does business, dating back to as early as 2002.  The insurer said its investigation revealed the initial malware attack occurred on May […]

The Aftermath of the Anthem Breach

On February 4, 2015, Anthem Inc. (“Anthem”) announced a data breach involving the personal information of up to 80 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack.  According to Anthem, the information involved in the data breach included: names; dates of birth; social security numbers; health care […]

HHS to Address Lack of Clarity Regarding Mobile Health

A letter from the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights to Rep. Peter DeFazio (D-Ore.) signals an intent to move forward with providing clearer regulatory guidance relating to the Health Insurance Portability and Accountability Act (HIPAA) rules addressing mobile health app developers.  The letter, […]

23andMe Advances Its Goal of Creating Commercialized Database from Consumer Genetic Testing

On January 12, 23andMe announced an agreement with Pfizer to provide the drug company with access to anonymous, aggregated information from consumers who bought 23andMe’s test over the past seven years to learn about their own genetic history.  This furthers 23andMe’s plan to become a repository for human genetic makeup […]

Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected health information of nearly 4,000 patients and employees.  In May 2012, a physician’s laptop was stolen from his desk at […]

Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach of confidentiality against medical providers who unlawfully exposed their protected health information (PHI).  In an opinion released this […]

FDA Cybersecurity Workshop for Healthcare

On October 21-22 the U.S. Food and Drug Administration (FDA), in collaboration with the U.S. Departments of Health and Human Services and Homeland Security, conducted a public workshop entitled “Collaborative Approaches for Medical Device and Healthcare Cybersecurity.”  The FDA held this public workshop in order to bring together stakeholders in […]