Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity 87

Cybersecurity Privacy Insurance Risk 87

Data Matters

MAY 6, 2022

Digital health companies should take note of new data privacy and security developments under the Health Insurance Portability and Accountability Act (HIPAA) that can affect product planning and customer negotiations. RFI Regarding Recognized Security Practices.

Risk 87

Risk Cybersecurity Insurance Authentication 87

Hunton Privacy

MAY 14, 2010

Prior to 2009, HHS divided civil enforcement responsibility for HIPAA between OCR, which enforced the HIPAA Privacy Rule, and the Centers for Medicare and Medicaid Services (“CMS”), which enforced the HIPAA Security Rule.

Security 40

Security CMS Compliance Privacy 40

eSecurity Planet

APRIL 26, 2022

Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. How Do VC Firms Work? AllegisCyber Investments.

Cybersecurity 129

Cybersecurity Cloud Marketing Security 129

Hunton Privacy

AUGUST 10, 2017

On August 9, 2017, Nationwide Mutual Insurance Co. In October 2012, Nationwide and its affiliate, Allied Property & Casualty Insurance Co. According to the attorneys general, Nationwide and Allied had failed to deploy a critical software patch that was released in 2009 to address the vulnerability. million individuals. .

Data breaches 45

Data breaches Insurance Data collection Risk 45

Hunton Privacy

JULY 8, 2010

On July 8, 2010, the Department of Health and Human Services (“HHS”) issued a notice of proposed rulemaking to modify the Privacy, Security and Enforcement Rules promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996.

Privacy 40

Privacy Security Marketing Insurance 40

Hunton Privacy

JANUARY 15, 2010

for allegedly failing to secure private patient medical records and financial information involving hundreds of thousands of Connecticut enrollees and promptly notify consumers endangered by the security breach. Health Net did not begin notifying affected individuals until November 2009. In a lawsuit he described as “[s]adly.

Insurance 40

Insurance Privacy Security Encryption 40

Hunton Privacy

JULY 12, 2013

following a security breach that affected over 600,000 individuals. Following the submission of a breach report to the HHS Office for Civil Rights (“OCR”), an investigation determined that WellPoint had not complied with HIPAA Privacy and Security Rule requirements. million settlement with WellPoint Inc.

Privacy 40

Privacy Security Insurance Access 40

Hunton Privacy

JANUARY 17, 2013

The Final Rule comes two and a half years after the proposed rule was published in July 2010. The Final Rule comes two and a half years after the proposed rule was published in July 2010.

Privacy 40

Privacy Security Insurance Marketing 40

Hunton Privacy

NOVEMBER 10, 2010

On November 8, 2010, Connecticut Insurance Commissioner Thomas Sullivan announced that Health Net of Connecticut, Inc. (“Health Net”) had agreed to pay $375,000 in penalties for failing to safeguard the personal information of its members from misuse by third parties.

Data breaches 40

Data breaches Insurance Security IT 40

Hunton Privacy

JANUARY 6, 2010

On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire.

Privacy 40

Privacy Security Encryption Communications 40

Hunton Privacy

JUNE 30, 2017

The attack is the second largest health data breach recorded by the Office for Civil Rights (“OCR”) this year, and the largest ransomware incident recorded by OCR since it began tracking incidents in 2009. According to Airway Oxygen’s statement , the company discovered the presence of ransomware on its systems in April 2017.

Data breaches 56

Data breaches Ransomware Insurance Access 56

Hunton Privacy

AUGUST 28, 2009

On August 17, the Federal Trade Commission (“FTC”) issued a final rule (“FTC Final Rule”) addressing security breaches of personal health records (“PHRs”). Full compliance is required by February 22, 2010. The FTC Final Rule requires PHR vendors and PHR related entities to notify U.S.

Insurance 40

Insurance Compliance Encryption Information Security 40

Hunton Privacy

SEPTEMBER 23, 2009

The Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), which was signed into law in February 2009 as part of the economic stimulus package, substantially impacts requirements imposed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Insurance 40

Insurance Compliance Privacy Security 40

Hunton Privacy

FEBRUARY 16, 2011

In our August 2009 blog post on data protection issues in China, we noted that there was no uniform Chinese law that specifically addresses the protection of personal data, and that it seemed likely that Chinese personal information protection law would continue to develop as a patchwork of piecemeal regulations.

Privacy 40

Privacy Insurance Personal data IT 40

IBM Big Data Hub

APRIL 5, 2023

The healthcare industry’s heavy reliance on legacy systems, regulatory and security challenges are significant hurdles for its journey toward digital transformation. We saw this during the COVID-19 pandemic as many large healthcare systems scrambled to integrate digital technology at speed.

Digital transformation 60

Digital transformation Compliance Cloud Insurance 60

Hunton Privacy

JULY 28, 2010

At the same time, HHS began investigating the pharmacies’ disposal of health information protected by the Health Insurance Portability and Accountability Act. The order also bars future misrepresentations of the company’s security practices. million and implement remedial measures to settle the investigations.

Insurance 40

Insurance Privacy Compliance Information Security 40

Hunton Privacy

FEBRUARY 4, 2009

08-3535, 2009 WL 43098 (E.D. January 7, 2009). During her visit, she provided Jackson Hewitt with confidential information such as her Social Security number, date of birth and driver’s license number. Jackson Hewitt Tax Service Inc., She also alleged that Jackson Hewitt violated 26 U.S.C. §

Privacy 40

Privacy Insurance Risk Security 40

Hunton Privacy

JANUARY 22, 2009

Two California medical privacy laws became effective on January 1, 2009. In contrast, other medical privacy regulations, including the Privacy Rule promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), focus only on the unauthorized use or disclosure of protected health information.

Privacy 40

Privacy Insurance Access Security 40

Data Matters

DECEMBER 15, 2020

If adopted in a final rule, these proposed changes may require updates in covered entities and business associate policies, procedures, and security standards, as well as in notices of privacy practices documents. The post HHS Issues Proposed Rule Modernizing HIPAA Privacy Rule appeared first on Data Matters Privacy Blog.

Privacy 67

Privacy Access Insurance Communications 67

Data Matters

NOVEMBER 5, 2018

The Federal Highway Administration will pursue an updated to the 2009 Manual on Uniform Traffic Control Devices that will take into consideration the rapid development of automated technologies and other needs. State, local, and tribal governments. Looking Forward: DOT’s Next Steps.

Cybersecurity 86

Cybersecurity Government Communications Privacy 86

IBM Big Data Hub

JULY 6, 2023

These new reporting standards represent an evolution from the voluntary guidelines first issued in 2009 by India’s Ministry of Corporate Affairs, which were further refined in the Business Responsibility Report (BRR) of 2012. Businesses should respect and promote the well-being of all employees, including those in their value chains.

Insurance 50

Insurance Government Data structuring Communications 50

Hunton Privacy

APRIL 3, 2009

On March 20, 2009, the Federal Trade Commission (“FTC”) published its long-awaited guide to the Red Flags Rule (the “Rule”), entitled “Fighting Fraud with Red Flags Rule: A How-To Guide for Business.” For entities subject to the FTC’s jurisdiction, the relevant compliance deadline is May 1, 2009.

Compliance 40

Compliance Retail Insurance Manufacturing 40

Hunton Privacy

JANUARY 25, 2013

On January 17, 2013, the Department of Health and Human Services’ (“HHS’”) Office for Civil Rights (“OCR”) released its long-anticipated megarule (“Omnibus Rule”) amending the HIPAA Privacy, Security, Breach Notification and Enforcement Rules. Changes to the Breach Notification Framework.

Compliance 45

Compliance Communications Privacy Marketing 45

eSecurity Planet

MAY 11, 2023

The concept of zero trust has been around since 2010, when Forrester Research analyst John Kindervag created the zero trust security model. The only exception, it seems, has been cloud service providers, who boast an enviable record when it comes to cybersecurity, thanks to rigorous security practices like Google’s continuous patching.

Cloud 110

Cloud IT Insurance Authentication 110

ARMA International

SEPTEMBER 27, 2021

In fact, “the Independent Panel for Pandemic Preparedness and Response, pointedly noted that since the H1N1 pandemic in 2009, there have been 11 high-level commissions and panels that produced more than 16 reports, with the vast majority of recommendations never implemented” (Fink 2021). 2020, p 1).

Digital transformation 59

Digital transformation Risk IT Computer and Electronics 59