Tag Archives: LabMD

11th Circuit Issues Opinion Vacating Order That Required LabMD to Overhaul Its Data Security Program

Photo of Kathryn CareyBy Kathryn Carey and Aaron Lancaster on Posted in Cybersecurity, Medical Privacy
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and implement a variety of protective measures with respect to data security. Notably, however, the decision did not address the most … Continue Reading

Unanimous FTC Finds LabMD’s Data Security Practices Violated Section 5 of the FTC Act

By Will R. Daugherty and David M. Brown on Posted in Cybersecurity, Enforcement, Medical Privacy, Online Privacy
On July 29, 2016, a unanimous Federal Trade Commission (“FTC” or “Commission”) issued its Opinion and Final Order reversing the decision of an administrative law judge (“ALJ”) and holding that LabMD engaged in “unfair” practices in violation of Section 5 of the FTC Act because it failed to provide reasonable and appropriate security for personal … Continue Reading

LabMD and Wyndham Decisions Curtail FTC’s Data Privacy and Security Reach

Photo of Gerald J. FergusonBy Alan L. Friel and Gerald J. Ferguson on Posted in Children’s Privacy, HIPAA/HITECH, Online Privacy
Both the administrative law judge’s decision in LabMD and the Third Circuit’s recent decision in Wyndham, which we previously blogged about, put the FTC on notice that it cannot assume that in the wake of a security breach, allegedly inadequate data security will necessarily constitute an unfair practice under Section 5 of the FTC Act. Further, … Continue Reading

ALJ Issues Sweeping Decision Dismissing FTC’s Action Against LabMD

Photo of Lynn SessionsBy Lynn Sessions and David M. Brown on Posted in Medical Privacy, Online Privacy
On November 13, 2015, the chief administrative law judge (“ALJ”) handling the Federal Trade Commission’s (“FTC” or “Commission”) complaint against LabMD Inc. (“LabMD”) dismissed the case in its entirety. As we previously reported, following two data security incidents involving the disclosure of personal information, the FTC brought an action against LabMD, a clinical testing laboratory, … Continue Reading
LexBlog