As if compliance with the various federal privacy and data security standards weren’t complicated enough, we may see state courts begin to import these standards into determinations of privacy actions
Continue Reading HIPAA Does Not Preempt State Privacy Cause of Action But May Represent “Standard of Care”, Says Connecticut Supreme Court
HHS
Will Unearthing the FTC’s Data Security Standards Help the Health Care Industry?
As a regulatory lawyer, I frequently find myself parsing words and phrases crafted by legislators and agencies that, all too often, are frustratingly vague or contradictory when applied to a…
Continue Reading Will Unearthing the FTC’s Data Security Standards Help the Health Care Industry?
The Wild West of Data Breach Enforcement by the Feds
Imagine you have completed your HIPAA risk assessment and implemented a robust privacy and security plan designed to meet each criteria of the Omnibus Rule. You think that, should you…
Continue Reading The Wild West of Data Breach Enforcement by the Feds
A Business Associate Agreement Dilemma: To Indemnify or Not to Indemnify – Ten Considerations
The below originally appeared on our HIPAA, HITECH & HIT blog on October 1. It is authored by our partner, Michael Kline. You can contact Michael at mkline@foxrothschild.com.…
Continue Reading A Business Associate Agreement Dilemma: To Indemnify or Not to Indemnify – Ten Considerations
The SAIC Breach and a Look Across the Chasm Between Significant Risk and Actual Harm Resulting from a HIPAA Breach
SAIC’s recent Motion to Dismiss the Consolidated Amended Complaint filed in federal court in Florida as a putative class action highlights the gaps between an incident (like a theft) involving PHI, a determination that a breach of PHI has occurred, and the realization of harm resulting from the breach.
Continue Reading The SAIC Breach and a Look Across the Chasm Between Significant Risk and Actual Harm Resulting from a HIPAA Breach