This Update highlights some of the international data protection issues that caught our attention and the attention of our clients over the winter, including updates on European data transfers and cookie compliance, regulatory enforcement actions, and data protection laws in Canada, China, India and Saudi Arabia. Russia’s Attack on Ukraine Government cybersecurity agencies worldwide are … Continue Reading
On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution agreements make it clear that organizations must be able to propose steps to analyze security risks for ePHI as specified by HIPAA … Continue Reading
BlueCross BlueShield of Tennessee (BCBST) was the victim of a theft in 2009 when an intruder stole 57 hard drives which contained protected health information (PHI) of more than 1 million customers. The information on the hard drives included names, Social Security Numbers, diagnosis codes, dates of birth, and health plan identification numbers. Reports suggest … Continue Reading
While plaintiffs continue to face an uphill battle proving damages in privacy litigation – regulatory actions and investigations seem to be increasing. During 2011, we saw activity from many government agencies—both state and federal—including the Federal Trade Commission (FTC), Department of Education (DOE), Department of Health and Human Services (HHS) Office for Civil Rights (OCR), … Continue Reading
Posted in Data Protection
