Monthly Archives: January 2013

HITECH Update #10: HHS Releases First Sample Business Associate Agreement Provisions Since HITECH Act, Omnibus Rule

This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here. The regulations are effective March 26, 2013, but covered entities and business associates have until … Continue Reading

HITECH Update #9: Omnibus Rule Revises Individual Rights to Request Restrictions, Access to Protected Health Information

This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here. The regulations are effective March 26, 2013, but covered entities and business associates have until … Continue Reading

HITECH Update #7: New HIPAA Requirements for Business Associates and Their Subcontractors

This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here. The regulations are effective March 26, 2013, but covered entities and business associates have until … Continue Reading

FFIEC Proposes Social Media Guidance

On January 22, 2013, the Federal Financial Institutions Examination Council proposed guidance on the applicability of consumer protection and compliance laws, regulations, and policies to activities conducted via social media by depository institutions.  The proposed guidance would not impose additional compliance obligations on institutions.  Instead, the guidance is intended to help financial institutions understand potential … Continue Reading

Humana’s Quality Assurance Calls Not Exempted From CIPA

On Wednesday, a federal judge in the Central District of California dismissed Humana Pharmacy Inc.’s motion to dismiss a putative class action suit alleging the company illegally recorded telephone calls with customers, finding that the California Invasion of Privacy Act (“CIPA”) does not exempt quality assurance recordings. In its motion to dismiss, Humana argued that CIPA exempts … Continue Reading

China Releases National Standard for Personal Information Collected Over Information Systems; Industry Self-Regulatory Organization Established

China’s Standardization Administration recently released a long-awaited national standard related to personal information.  Entitled Information Security Technology — Guidelines for Personal Information Protection Within Public and Commercial Services Information Systems (信息安全技术公共及商用服务信息系统个人信息保护指南) (“Guidelines”), the new standard will take effect February 1, 2013.  The Guidelines are voluntary and lack the force of law.  They nevertheless clarify key … Continue Reading

ICO fines Sony £250,000 following the 2011 Playstation Network Platform data breach

On 24 January 2013, the UK Information Commissioner’s Office (ICO) announced that Sony Computer Entertainment Europe Limited (Sony) would be fined £250,000 following a data breach of the Playstation Network.  The breach occurred in 2011 when hackers accessed the personal details of “millions” of Playstation Network customers, including names, dates of birth, passwords, and other … Continue Reading

FTC and Senate Commerce Committee Staffers Suggest Cautious Approach to “Big Data”

Yesterday, industry and government panelists participated in a conference sponsored by the Congressional Internet Caucus Advisory Committee that included a panel discussion on “Plumbing the Policy Implications of Data Analytics and Defining ‘Big Data,’ The Year’s Most Overused Term.”  According to press reports, Federal Trade Commission Senior Policy Adviser and panelist Paul Ohm acknowledged that … Continue Reading

Ninth Circuit Revives Privacy Class Action Over ADT Call Recordings

The Ninth Circuit revived a putative class action alleging that ADT Security Services violated the California Invasion of Privacy Act (“CIPA”) by recording the plaintiff’s phone call to the company without consent, remanding the case to allow the plaintiff to file an amended complaint. In a published opinion, the panel wrote that while it agreed … Continue Reading

HITECH Update #4: HHS Relaxes HIPAA Requirements for Research Authorizations

This post is part of our series on key aspects of the final HITECH omnibus rule issued by the U.S. Department of Health and Human Services (HHS) on January 17, 2013 (available here), and scheduled to be published in the Federal Register on January 25.  Previous posts are available here.  The regulations are effective March 26, 2013, … Continue Reading

HITECH Update #2: HHS Finalizes Privacy Rules to Protect Genetic Information

This post is part of our series on key aspects of the final HITECH omnibus rule issued by the U.S. Department of Health and Human Services (HHS) on January 17, 2013 (available here), and scheduled to be published in the Federal Register on January 25.  Previous posts are available here.  The regulations are effective March 26, 2013, … Continue Reading

Rep. Johnson Releases Discussion Draft of Mobile App Privacy Bill Following NTIA’s 8th Meeting Concerning a Voluntary Code of Conduct

On Friday, Rep. Hank Johnson (D-Ga.) released a discussion draft of a bill for mobile privacy. Named the Application Privacy, Protection and Security Act of 2013 (“APPS Act”), the bill would obligate app developers to disclose to users the terms and conditions around the collection, use, storage, and sharing of user data. Additionally, the bill … Continue Reading

Foreign and Economic Espionage Penalty Enhancement Act of 2012 Signed Into Law

In an effort to stem the tide of intellectual property theft from U.S. companies, on January 14, 2013, President Obama signed H.R. 6029, the Foreign and Economic Espionage Penalty Enhancement Act of 2012. The Act increases the penalties for trade secret theft under the Economic Espionage Act of 1996 for crimes that the perpetrator knows … Continue Reading

FDIC Highlights Mobile Payment Technologies and Related Risks

In its most recent issue of the Supervisory Insights newsletter, the Federal Deposit Insurance Corporation (FDIC) describes mobile payment technologies, the risks they pose to depository institutions, and the regulatory framework applicable to such technologies.  The FDIC notes the widespread use of smartphones as a payment technology and the increasing availability of point-of-sale terminals equipped … Continue Reading

HHS Issues Long-Awaited Final HITECH Regulations

By Anna Kraus The U.S. Department of Health and Human Services has issued its long-awaited final omnibus rule modifying the privacy, security, enforcement, and breach notification regulations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).  The rule is based on statutory changes under the Health Information Technology for Economic and Clinical Health … Continue Reading

HHS Issues Message to Nation’s Health Care Providers About HIPAA and Threats to Health and Safety

Following the release of the President’s plan to reduce gun violence, the Office for Civil Rights within the Department of Health and Human Services (HHS) issued a “Message to Our Nation’s Health Care Providers” regarding HIPAA and reporting threats of violence.  In the letter, which was prompted by the recent mass shootings in Newtown, Connecticut, … Continue Reading

President’s Gun Plan Addresses HIPAA Concerns, Clarifications

By Anna Kraus Two measures in President Obama’s plan to reduce gun violence, released yesterday, seek to address privacy concerns related to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Mental Health Records and Background Checks.  The first measure, which is part of a set of recommendations to strengthen the National Instant Criminal … Continue Reading

EU Data Privacy Rules to Extend to All Software and Hardware Manufacturers — Regardless of Whether They Process Personal Data?

As we reported last week, MEP Jan Philipp Albrecht, the rapporteur for the lead European Parliament Committee (LIBE) for the proposed EU Data Protection Regulation, has released a controversial report on the Commission’s proposal.  There have been several news articles and commentaries in recent days about numerous aspects of the report — including the threat … Continue Reading

FTC Enters into Consent Order with Mobile Application Developers for Fair Credit Reporting Act Violations

Last week, the Federal Trade Commission entered into a consent order with two companies alleged to have operated as consumer reporting agencies, by providing criminal record reports through mobile applications, without complying with the Fair Credit Reporting Act (FCRA).  The consent order represents the FTC’s first FCRA case involving mobile applications.  According to the FTC’s complaint, Filiquarian … Continue Reading

The Video Privacy Protection Act Amendments: A Final Analysis

Yesterday, President Obama signed into law the “Video Privacy Protection Act Amendments Act of 2012,” a law that amends the VPPA’s notoriously vague consent provision.  As originally enacted, the VPPA allowed “video tape service providers” to disclose consumers’ “personally identifiable information” (including their video viewing histories) with a consumer’s consent only if that consent were … Continue Reading