The Bill’s provisions on international data transfers are most relevant to foreign companies that do business in Brazil.
The Brazilian government has issued a Bill for the Protection of Personal Data (Bill) for public...more
The launch of Phase 2 HIPAA audits is imminent. Although any individual hospital has only a small chance of getting audited, preparation helps protect a hospital if it is ever investigated for potential HIPAA violations. In...more
President Obama’s new proposed Personal Data Notification and Protection Act provides a national standard for companies responding to security breaches....more
California continues to lead the way in passing new or updating existing data protection legislation.
The weekly disclosure of new data breaches that involve retail and other corporations has focused the general public...more
The new law sets up one of the most robust data protection regimes in the United States and is relevant to any business that collects personal information nationwide....more
As of January 1, security breach notifications must be provided to consumers when certain account information is compromised.
On September 27, California Governor Jerry Brown signed into law Senate Bill No. 46 (S.B....more
The state continues to lead the United States in the data privacy and security field by giving minors an Internet “delete” option and requiring disclosures about “do not track” practices.
In September 2013, California...more
FDA issues safety communication and draft guidance clarifying that manufacturers are responsible for addressing cybersecurity risks related to their medical devices....more
6/17/2013
CMS and OIG issue similar proposed rules to modify the electronic health record exception and safe harbor.
On April 10, the Centers for Medicare & Medicaid Services (CMS) and the Office of Inspector General (OIG) of...more
Rule finalizes many provisions of the proposed rule, imposing new privacy and security obligations directly on business associates and modifying the definition of "breach" and the required factors to be considered in a risk...more
1/21/2013
/ Business Associates ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
GINA ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Omnibus Rule ,
HITECH Act ,
Notice Requirements ,
OCR ,
PHI ,
Risk Assessment
Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more
Recent FTC and California Attorney General actions highlight the need to reassess privacy policies.
The Federal Trade Commission (FTC) recently ordered the data brokerage industry to provide information on the collection...more
1/3/2013
/ Attorney General ,
COPPA ,
Data Collection ,
Data Protection ,
Delta Airlines ,
Federal Trade Commission (FTC) ,
Kamala Harris ,
Mobile Apps ,
Notice Requirements ,
Online Privacy Protection Act ,
Parental Consent ,
Personally Identifiable Information ,
Privacy Policy