Tag Archives: HIPAA Security Rule

A New Year Brings a New Vermont Law Aimed at Data Brokers and Credit Reporting Agencies

Photo of Sara GoldsteinBy Laura E. Jehl and Sara Goldstein on Posted in Consumer Data, State Legislation
On Jan. 1, 2019, a new Vermont law intended to protect consumers by imposing new requirements on “data brokers,” companies that aggregate and sell consumer information, and credit reporting agencies took effect. Under the new law, data brokers must comply with registration, information security safeguards and reporting requirements, while credit reporting agencies are prohibited from … Continue Reading

When Obscurity Is Not a Defense

Photo of Andreas KaltsounisBy Andreas Kaltsounis on Posted in Cybersecurity
Many organizations facing a data-security incident struggle to understand how or why their organization was targeted in an attack. Most simply believe they are too small or too obscure to be targeted by malicious cyber actors. Even larger, well-known businesses are lulled into complacency, mistaking years without a major security incident as evidence that their … Continue Reading

Can Covered Entities Utilize Text Messaging and Text Paging Without Violating HIPAA?

Photo of Lynn SessionsBy Lynn Sessions on Posted in HIPAA/HITECH, Medical Privacy
Co-authored by: Cory Fox Text messaging allows healthcare providers to deliver simple, relevant, and customizable health information instantaneously to their patients, like reminders to obtain a vaccine, take a medication or come to an important follow-up appointment. Text paging, a form of text messaging frequently used by healthcare professionals, can help ensure patient safety by … Continue Reading

HHS to Propose New Privacy Standards for Human Research Subjects

Photo of Lynn SessionsBy Lynn Sessions on Posted in HIPAA/HITECH, Mobile Privacy
The Department of Health and Human Services (HHS) provided an Advanced Notice of Proposed Rule Making (ANPRN) on July 22, 2011, to enhance protections for medical research subjects, including standards around privacy and data security. The ANPRN seeks comments on how better to protect human research subjects while facilitating valuable research. The current Common Rule … Continue Reading
LexBlog