On October 31, 2023, the Department of Health and Human Services announced the issuance of a settlement agreement with Doctors’ Management Services, a Massachusetts-based medical management company, related to alleged violations of the Health Insurance Portability and Accountability Act’s Privacy and Security Rules.
Continue Reading HHS Announces First HIPAA Settlement Agreement Involving Ransomware Attack
Massachusetts
Massachusetts Sports Wagering and Data Privacy Regulations Take Effect
On August 8, 2023, the Massachusetts Gaming Commission approved 205 CMR 257: Sports Wagering Data Privacy, a set of regulations designed to create new rights and obligations with respect to sports betting operators’ use of patrons’ Confidential Information or Personally Identifiable Information. The regulations took effect on September 1, 2023.
Continue Reading Massachusetts Sports Wagering and Data Privacy Regulations Take Effect
Attorneys General Launch Investigation into TikTok’s Effects on Children
On March 2, 2022, eight states announced a bipartisan, nationwide investigation into whether TikTok operates in a way that causes or exacerbates harm to the physical and mental health of children, teens and young adults. …
Continue Reading Attorneys General Launch Investigation into TikTok’s Effects on Children
Court Approves Settlement with HelloFresh Over Alleged TCPA Violations
On October 15, 2021, the U.S. District Court for the District of Massachusetts entered a final order approving a $14 million class action settlement resolving claims against Hello Fresh for alleged violations of the Telephone Consumer Protection Act, 47 U.S.C. § 227, et seq. According to plaintiffs’ attorneys, this settlement is the largest TCPA class action settlement in Massachusetts state history.
Continue Reading Court Approves Settlement with HelloFresh Over Alleged TCPA Violations
Massachusetts Amends Data Breach Law; Imposes Additional Requirements
On January 10, 2019, Massachusetts Governor Charlie Baker signed legislation amending the state’s data breach law, and the amendments take effect on April 11, 2019. This blog entry provides highlights on the Act. …
Continue Reading Massachusetts Amends Data Breach Law; Imposes Additional Requirements
Massachusetts AG Settles Geofencing Case
On April 4, 2017, the Massachusetts Attorney General’s office announced a settlement with Copley Advertising LLC in a case involving geofencing. …
Continue Reading Massachusetts AG Settles Geofencing Case
Massachusetts Attorney General Reaches Settlement with Boston Hospital Over Data Security Allegations
On November 21, 2014, Massachusetts Attorney General Martha Coakley announced that Boston hospital Beth Israel Deaconess Medical Center has agreed to a settlement related to a data breach that affected the personal and protected health information of nearly 4,000 patients and employees. …
Continue Reading Massachusetts Attorney General Reaches Settlement with Boston Hospital Over Data Security Allegations
Massachusetts Court Ruling Benefits Plaintiff in Zip Code Case
On March 11, 2013, in Tyler v. Michaels Stores, Inc., the Massachusetts Supreme Judicial Court effectively reinstated the suit against the retailer by answering favorably for the plaintiff three certified questions from the United States District Court for the District of Massachusetts regarding Massachusetts General Laws Chapter 93, Section 105(a) entitled “Consumer Privacy in Commercial Transactions” (“Section 105(a)”). The court ruled that (1) a ZIP code constitutes personal identification information under the Massachusetts law; (2) a plaintiff may bring an action for a violation of the Massachusetts law absent identity fraud; and (3) the term “credit card transaction form” refers equally to electronic and paper transaction forms. The Massachusetts court’s determination that a ZIP code constitutes personal identification information is similar to the determination in Pineda v. Williams-Sonoma Stores, Inc., in which the California Supreme Court held that ZIP codes are “personal identification information” under California’s Song-Beverly Credit Card Act. More than 15 states, including Massachusetts and California, have statutes limiting the type of information that retailers can collect from customers.
Continue Reading Massachusetts Court Ruling Benefits Plaintiff in Zip Code Case
Medical Practices Agree to $140,000 Settlement with Massachusetts Attorney General
On January 7, 2013, Massachusetts Attorney General Martha Coakley announced that several Massachusetts medical practices have agreed to a consent judgment and $140,000 payment to settle charges they improperly disposed of medical information at a public waste management facility.
Continue Reading Medical Practices Agree to $140,000 Settlement with Massachusetts Attorney General
HHS Announces $1.5 Million HIPAA Settlement with Massachusetts Facilities
On September 17, 2012, the Department of Health and Human Services announced a $1.5 million settlement with the Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates Inc. for potential violations of the HIPAA Security Rule.
Continue Reading HHS Announces $1.5 Million HIPAA Settlement with Massachusetts Facilities