Category: Privacy and Security

Cooley Alerts | No More Safe Harbor: What Should Life Sciences and Biotech Companies Be Doing to Transfer Data to the US?

Source: Cooley LLP | Media | Alerts | No More Safe Harbor: What Should Life Sciences and Biotech Companies Be Doing to Transfer Data to the US?

HHS Launches HIPAA Platform for Medical Application Developers

On Monday, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released an online platform designed for use by developers of mobile medical applications (apps).  The site allows users to submit questions regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA) and to access […]

HHS To Launch New HIPAA Audits in Early 2016 in Response to OIG Reports

The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports  yesterday calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and Accountability Act (HIPAA) enforcement efforts.   In response to these reports, HHS announced that it […]

Excellus is Latest in Line of BCBS Insurers Experiencing Cyberattack

Excellus, a BlueCross BlueShield (BCBS)  provider servicing upstate New York, announced last week that it was the latest in a string of BCBS providers that experienced a data breach as a result of a cyberattack.  CareFirst BlueCross Blue Shield, Anthem, and Premera Blue Cross all recently announced they were the victims of sophisticated cyberattacks […]

Cancer Care Group Reaches Agreement to Settle Alleged HIPAA Violations

Last week, Cancer Care Group, P.C. (CCG), an Indiana radiation oncology practice, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $750,000 and adopting a three year corrective action plan.

St. Elizabeth’s Medical Center Reaches Agreement to Settle Alleged HIPAA Breach

Last week, St. Elizabeth’s Medical Center (SEMC), a hospital located in Brighton, Massachusetts, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $218,400 and adopting a robust corrective action plan.

States Strengthen Laws Addressing Health Information Handling and Breach Response

Connecticut and Oregon were recently added to the increasing list of states  adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information.  Both states amended their respective data security and breach notification laws and they will now levy stricter requirements on entities that store or […]