Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Tag Archives: Reporting of Data Breaches

Changes in Breach Notification Risk Assessments Under HIPAA

Posted in Data Breach Notification, Data Compliance & Security, HIPAA/HITECH, Privacy Regulation

Reposted from Mintz Levin’s Health Law & Policy Matters blog

The American Bar Association Health Law Section’s July 2014 eSource publication includes an article by Dianne Bourque, Kimberly Gold, and Stephanie Willis that provides examples of how risk assessments under the Breach Notification Rule have changed since the HIPAA Omnibus Rule went into effect in September 2013. The examples analyzed… Continue Reading

Latest EU Proposal Will Force More Companies to Disclose Data Breaches

Posted in European Union

Written by Susan Foster (LONDON)

The European Commission recently published a draft “Cybersecurity Directive” which aims to increase the level of preparedness across the EU to deal with threats to network and information security. The Directive provides for information-sharing and cooperation between the governments of Member States of the EU to tackle cybersecurity threats. As… Continue Reading

First Ever State-initiated HIPAA Enforcement Action Settled

Posted in Legislation

Written by Dianne Bourque

Connecticut Attorney General Richard Blumenthal has settled the first state-initiated HIPAA enforcement action. The settlement totals $250,000 in statutory damages and Health Net’s agreement to implement a variety of measures to improve the security of consumer health and personal information. Health Net also agreed to provide two years of credit monitoring… Continue Reading

Privacy and Security Bits and Bytes

Posted in Data Breach

On this last day of April, there are a couple of breaches and another clarion warning about copy machines – We have blogged on this issue here and here — and again, there is another warning about the treasure trove of information residing on the hard drive of your copy machine. A CBS Evening News… Continue Reading

Big Fines Coming in UK for Data Breaches

Posted in Data Breach

By Susan Foster, Mintz Levin London

As of April 6, 2010, the UK’s Information Commissioner’s Office (ICO) can levy fines of up to £500,000 for breaches of the Data Protection Act 1998 that are:

• serious in nature
• deliberate or reckless, and
• likely to cause substantial damage or distress to an individual.

The… Continue Reading

Today’s compliance deadline – Enforcement of the HITECH/HIPAA data breach notification rule

Posted in Data Breach

February and March are just full of significant deadlines for privacy/security reporting and compliance. Today is the day that the Health & Human Services Office of Civil Rights begins to enforce the HITECH/HIPAA data breach notification rule. To “celebrate” the occasion, the agency publicly posted the first list of reported breaches affecting 500 or more… Continue Reading

Security Bits and Bytes

Posted in Data Breach

A few items to wrap up/review privacy and security issues in 2009 and open up 2010:

Gonzalez Pleads Guilty in December 2009 – but this piece from Retail Research Systems explains why retailers should not be sanguine about data security: Privacy Risks for 2010

RFID in 2010: The New Hampshire House of Representatives voted this… Continue Reading

Privacy and Security Bits and Bytes

Posted in Data Breach

After a bit of a hiatus, our Friday afternoon feature is back: Do you know what your information is worth on the black market? It may just surprise you. Good piece on a new Symantec tool to let you do the calculations. See Information Security Resources – What Are You Worth On The Black Market?… Continue Reading