OCR proposes to share HIPAA data breach settlements with victims

By on May 22, 2018 Posted in Data breach

Data Protection Report - Norton Rose Fulbright

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) plans to issue an advance notice of proposed rulemaking this November on potentially sharing HIPAA breach settlements with victims.… Continue reading

Anthem breach poses significant cybersecurity risks for Anthem’s customers; may trigger legal obligations

By on February 8, 2015 Posted in Compliance and risk management, Data breach

Organizations whose employees are insured by Anthem or whose self-insured health plans are administered by Anthem should consider steps to mitigate the cybersecurity and legal risk arising from the breach recently reported by Anthem. The hackers who perpetrated the Anthem breach are likely to use the personal information they took for further cyberattacks against affected … Continue reading

Encryption of patient personal information to be the law of the land in New Jersey

By on January 28, 2015 Posted in General

Following a number of reports of theft and misplacement of computer disks, laptops, and thumb drives containing unencrypted patient information from New Jersey medical centers, the New Jersey state legislature enacted a law on January 9, 2015, which prohibits health insurance carriers from electronically compiling and maintaining certain patient information unless that information has been … Continue reading