Tag Archives: COVID-19

New Director of HHS Office for Civil Rights Announced: What could Lisa J. Pino’s appointment mean for future HIPAA enforcement?

Photo of Sara GoldsteinBy Sara Goldstein on Posted in Cybersecurity, Enforcement, Healthcare, HHS, HIPAA/HITECH
More than eight months into the Biden administration, the U.S. Department of Health & Human Services (HHS) announced the appointment of Lisa J. Pino as the new director of the Office for Civil Rights (OCR) on Sept. 27, 2021. As the new director of the OCR, Pino will be responsible for enforcing the Health Insurance … Continue Reading

FTC Issues Statement Warning Health Apps to Notify Consumers About Data Breaches

Photo of Melissa HewittBy Melissa Hewitt on Posted in Data Breaches, Enforcement, FTC, HIPAA/HITECH
The U.S. Federal Trade Commission (FTC) issued a policy statement on Sept. 15, 2021, warning that the decade-old Health Breach Notification Rule (the rule) – which applies to companies that handle personal health records or collect health data –  to notify consumers, the FTC and, in some cases, the media about data breaches. “In practical … Continue Reading

COVID-19 Consumer Protection Act Shows Alternative Path to Monetary Remedies

Photo of Randal M. ShaheenPhoto of John P. FerryBy Randal M. Shaheen and John P. Ferry on Posted in FTC
A recent Federal Trade Commission (FTC) action demonstrates how the FTC has pivoted toward enforcement actions based on specific acts of Congress and rules in light of the Supreme Court’s ruling in AMG Capital. Congress passed the COVID-19 Consumer Protection Act in December 2020, which made deceptive acts or practices involving the treatment, cure, prevention, … Continue Reading

Privacy and Product Counseling: 2020 in Review

Photo of Gerald J. FergusonPhoto of Nichole SterlingBy Kyle R. Fath, Gerald J. Ferguson and Nichole Sterling on Posted in Privacy
Summary Advising our clients on compliance with laws and regulations is, hands down, the most important aspect of our role as attorneys. In addition to seeking counsel on their obligations under laws and regulations, however – motivated by industry trends, utilization of and dependence on third-party services and platforms, and, this year, the COVID-19 pandemic … Continue Reading

ONC Announces Delay of Information Blocking Provisions

Photo of Vimala DevassyBy Vimala Devassy on Posted in Healthcare, HHS
The Department of Health and Human Services’ (HHS)’ Office of the National Coordinator (ONC) published an interim final rule today delaying several key compliance deadlines in the ONC 21st Century Cures Act final rule – including that of the information blocking provisions, which were slated to become effective on November 2, 2020 – until April 5, … Continue Reading

Positioning for What’s Beyond the Horizon: What Digital Transformation and the Data Economy Mean for You

Photo of Janine Anthony BowenPhoto of Chad RutkowskiPhoto of Jeewon SerratoPhoto of Theresa WeisenbergerBy Janine Anthony Bowen, Chad Rutkowski, Jeewon Serrato and Theresa Weisenberger on Posted in Digital Transformation
BakerHostetler’s new Digital Transformation and Data Economy Team (DTDE) is presenting a four-part webinar series in May where attorneys will cover legal implications surrounding COVID-19 for business leaders. Panelists, including in-house attorneys and industry experts, will discuss how companies can determine where opportunities and vulnerabilities lie in managing, protecting and leveraging digitization and data assets. … Continue Reading

Joint Agencies Issue Guidance on Prevalence of Cyberattacks Exploiting COVID-19 and Teleworking

Photo of Kathryn CareyBy Kathryn Carey on Posted in Cybersecurity
On Friday, April 10, 2020, the Department of Homeland Security, the Cybersecurity and Infrastructure Agency and the United Kingdom’s National Cyber Security Centre (NCSC) (jointly, the Agencies) issued a joint statement regarding the growing prevalence of COVID-19-related cyberattacks. The alert focuses on advanced persistent threat (APT) groups and other cybercriminals that are targeting organizations with … Continue Reading

Focus on Children’s Privacy Intensifies as Daily Life Moves Online

Photo of Carolina AlonsoPhoto of Melinda L. McLellanBy Carolina Alonso and Melinda L. McLellan on Posted in Children’s Privacy
With physical schools closed indefinitely, classrooms have moved online, either introducing or significantly expanding children’s use of virtual education technology and highlighting certain privacy concerns. Responding to this evolving environment, on April 9 the Federal Trade Commission (FTC) issued COPPA Guidance for Ed Tech Companies and Schools during the Coronavirus to address some common compliance … Continue Reading

Due to the COVID-19 Pandemic, HHS Eases Restrictions on the Use and Disclosure of PHI by Business Associates

Photo of Eric A. PackelBy Eric A. Packel on Posted in HHS
The COVID-19 public health emergency already has caused the U.S. Health and Human Services (HHS) Office for Civil Rights to announce various enforcement changes and waivers. On April 2, HHS issued another notification of enforcement discretion – this one relating to business associates. This latest notification allows business associates to use and disclose protected health … Continue Reading

CARES Act Significantly Revises Part 2 Rules to Better Align with HIPAA

Photo of Kyle GregoryPhoto of Vimala DevassyBy Kyle Gregory and Vimala Devassy on Posted in Healthcare, HIPAA/HITECH
On March 27, 2020, President Trump signed the Coronavirus Aid, Relief, and Economic Security Act (the “CARES Act”) into law. While the focus of the CARES Act has been on direct financial aid to Americans, the Act also contains a number of material revisions to the Federal privacy provisions that govern the confidentiality of substance-use … Continue Reading

Healthcare Providers Remain Targets for Ransomware Attacks in the Midst of COVID-19 Pandemic

Photo of Benjamin WangerPhoto of Sara GoldsteinBy Benjamin Wanger and Sara Goldstein on Posted in Ransomware
Although it was widely reported that several ransomware threat actor groups have pledged to not target healthcare providers until the COVID-19 pandemic is over, BakerHostetler’s Digital Assets and Data Management Practice Group and Healthcare Privacy and Compliance team continue to see ransomware attacks launched against healthcare providers. In order to combat the COVID-19 pandemic, healthcare … Continue Reading

HHS Issues Two Important Bulletins Waiving HIPAA Sanctions During the COVID-19 National Emergency

Photo of Vimala DevassyBy Vimala Devassy on Posted in HHS
The HHS Office for Civil Rights (OCR) issued two important bulletins this week regarding the novel coronavirus disease (COVID-19) outbreak. On Mar. 16, OCR issued a limited waiver of HIPAA sanctions and penalties for noncompliance with certain provisions of the HIPAA Privacy Rule, including the requirement to obtain a patient’s agreement to speak with family … Continue Reading

COVID-19 Cybersecurity Exposure

Photo of Andreas KaltsounisBy Andreas Kaltsounis on Posted in Cybersecurity
Risk scenarios and recommendations History tells us that unscrupulous actors will exploit any crisis, and COVID-19 is no exception. Attackers wasted no time building coronavirus-themed phishing emails and malware-laden websites purporting to track the coronavirus’s spread across the globe. These opportunistic attacks were an expected variation on well-known themes that use fear to engineer an … Continue Reading

FERPA Disclosures in Response to COVID-19

Photo of Lynn SessionsPhoto of Benjamin WellsBy Lynn Sessions and Benjamin Wells on Posted in Education
The United States Department of Education (ED) Student Privacy Policy Office (SPPO), on March 13, 2020, issued Frequently Asked Questions related to the serious novel coronavirus disease (COVID-19) that the world is now grappling with. This FAQ document mirrors in large part the same line of advice found in ED’s prior Joint Guidance with Health … Continue Reading
LexBlog