The U.S. Department of Health and Human Services recently published “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” which was developed by the Healthcare & Public Health Sector Coordinating Councils Public Private Partnership, a group comprised of over 150 cybersecurity and healthcare experts from government and private industry.
Continue Reading

On October 22, 2018, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP co-hosted a workshop in Brussels on “Can GDPR Work for Health Scientific Research?” with the European Federation of Pharmaceutical Industries and Associations and the Future of Privacy Forum to address the challenges raised by the GDPR in conducting scientific health research.
Continue Reading

Recently, the U.S. Department of Health and Human Services’ Office for Civil Rights entered into a resolution agreement and record settlement of $16 million with Anthem, Inc. following Anthem’s 2015 data breach, the largest breach of protected health information in history that affected approximately 79 million individuals.
Continue Reading

On June 6, 2018, the Eleventh Circuit vacated a 2016 Federal Trade Commission order compelling LabMD to implement a “comprehensive information security program that is reasonably designed to protect the security, confidentiality, and integrity of personal information collected from or about consumers.” The Eleventh Circuit agreed with LabMD that the FTC order was unenforceable because it did not direct the company to stop any “unfair act or practice” within the meaning of Section 5a of the Federal Trade Commission Act.
Continue Reading