Tag Archives: HIPAA

FTC Releases Interactive Tool for Mobile Health Apps

The Federal Trade Commission recently released an interactive tool for mobile health apps. The tool was developed in conjunction with several other federal agencies, including the Department of Health and Human Services’ Office for Civil Rights, the Office of the National Coordinator for Health Information Technology, and the Food and Drug Administration.… Continue Reading

How to Safeguard Privacy and Data Security in Corporate Transactions

In a recent article published by Corporate Counsel, Hunton & Williams partner Lisa Sotto and associate Ryan Logan discuss the privacy and data security-related legal issues that arise in corporate transactions, and provide a how-to guide on addressing those issues during the various stages of a transaction.… Continue Reading

HHS Releases Guidance on Health Apps and HIPAA Security Rule Crosswalk

Recently, the U.S. Department of Health and Human Services Office for Civil Rights published guidance on the use of mobile health apps as well as a crosswalk that maps the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Framework to the HIPAA Security Rule.… Continue Reading

HIPAA Settlement Emphasizes Importance of Risk Analyses

On December 14, 2015, the U.S. Department of Health and Human Services’ Office for Civil Rights announced that it had settled potential HIPAA Security Rule violations with the University of Washington on behalf of the university’s medical center, medical school and affiliated labs and clinics. … Continue Reading

Wyndham Settles FTC Charges in FTC v. Wyndham

On December 9, 2015, the FTC announced that Wyndham Worldwide Corporation settled charges brought by the FTC stemming from allegations that the company unfairly failed to maintain reasonable data security practices.… Continue Reading

Data Security Act Introduced in New York State Assembly

On April 8, 2015, a New York Assemblyman introduced the Data Security Act in the New York State Assembly that would require New York businesses to implement and maintain information security safeguards. The Data Security Act also expands the scope of New York’s breach notification law.… Continue Reading

Delaware Enacts New Data Destruction Law

On July 1, 2014, Delaware Governor Jack Markell signed into law a bill that creates new safe destruction requirements for the disposal of business records containing consumer personal information. The law will take effect on January 1, 2015.… Continue Reading

HHS Settles Case Involving Unattended Medical Records

On June 23, 2014, the Department of Health and Human Services announced a resolution agreement and 800,000 USD settlement with Parkview Health System, Inc. following a complaint involving patient medical records that were left unattended on a physician’s driveway. … Continue Reading
LexBlog