While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently submitted two annual reports to Congress setting forth a summary of complaints and breaches reported to the OCR during...more
2/22/2023
/ Breach Notification Rule ,
Civil Monetary Penalty ,
Compliance ,
Corrective Action Plans (CAPs) ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
NIST ,
OCR ,
PHI ,
Risk Management
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On September 26, 2018, a record settlement was reached between Uber and the attorneys general of all 50 states and the District of Columbia over the company’s 2016 data breach. While this case presents an extreme example of...more