2009, Insurance and Privacy - Information Management Today

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity

Cybersecurity Privacy Insurance Risk

HHS Issues Proposed Rule Modernizing HIPAA Privacy Rule

Data Matters

DECEMBER 15, 2020

HHS stated that the Proposed Rule is intended to reduce burdens that may limit or discourage care coordination and case management communications among individuals and HIPAA-covered entities while continuing to protect the privacy of individuals. Notice of Privacy Practices Changes. Identity Verification.

Privacy

Privacy Access Insurance Communications

Connecticut AG Announces Agreement with MetLife over 2009 Breach Incident

Hunton Privacy

JANUARY 27, 2012

On January 24, 2011, Connecticut Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein announced that they had reached an Assurance of Voluntary Compliance (“AVC”) with Metropolitan Life Insurance Co.

Insurance

Insurance Compliance Security IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

U.S. Department of Health and Human Services Expands Its Health Information Privacy Enforcement Team

Hunton Privacy

AUGUST 10, 2009

In a move that portends increased enforcement of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy Rule, the Department of Health and Human Services (“HHS”) has created two new positions on its health information privacy enforcement team.

Privacy

Privacy IT Insurance Compliance

Nationwide Agrees to Pay $5.5 Million to Settle Multistate Data Breach Investigation

Hunton Privacy

AUGUST 10, 2017

On August 9, 2017, Nationwide Mutual Insurance Co. In October 2012, Nationwide and its affiliate, Allied Property & Casualty Insurance Co. According to the attorneys general, Nationwide and Allied had failed to deploy a critical software patch that was released in 2009 to address the vulnerability. million individuals. .

Data breaches

Data breaches Insurance Data collection Risk

HHS Announces 1.7 Million Dollar Settlement with WellPoint for Potential HIPAA Privacy and Security Rule Violations

Hunton Privacy

JULY 12, 2013

The WellPoint settlement relates to an Internet-based application database that was not properly secured, resulting in the online exposure of health insurance applicants’ electronic protected health information (“ePHI”), including names, addresses and Social Security numbers, for a period of six months from October 2009 to March 2010.

Privacy

Privacy Security Insurance Access

HHS Issues Final Omnibus Rule Modifying HIPAA Privacy, Security, Enforcement and Breach Notification Rules

Hunton Privacy

JANUARY 17, 2013

The Final Rule comes two and a half years after the proposed rule was published in July 2010.

Privacy

Privacy Security Insurance Marketing

Alleged Violations of a Privacy Policy

Hunton Privacy

FEBRUARY 4, 2009

A recent federal court decision offers a detailed analysis of several theories of liability for violations of a privacy policy. 08-3535, 2009 WL 43098 (E.D. January 7, 2009). Jackson Hewitt Tax Service Inc., Plaintiff Pinero visited Jackson Hewitt Tax Service in Louisiana to have her tax returns prepared.

Privacy

Privacy Insurance Risk Access

California Medical Privacy Laws

Hunton Privacy

JANUARY 22, 2009

Two California medical privacy laws became effective on January 1, 2009. In contrast, other medical privacy regulations, including the Privacy Rule promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), focus only on the unauthorized use or disclosure of protected health information.

Privacy

Privacy Insurance Access Security

HHS Issues Modifications to the HIPAA Privacy, Security and Enforcement Rules

Hunton Privacy

JULY 8, 2010

On July 8, 2010, the Department of Health and Human Services (“HHS”) issued a notice of proposed rulemaking to modify the Privacy, Security and Enforcement Rules promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996.

Privacy

Privacy Security Marketing Insurance

Update: Privacy and the Protection of Personal Information in China

Hunton Privacy

FEBRUARY 16, 2011

In our August 2009 blog post on data protection issues in China, we noted that there was no uniform Chinese law that specifically addresses the protection of personal data, and that it seemed likely that Chinese personal information protection law would continue to develop as a patchwork of piecemeal regulations.

Privacy

Privacy Insurance Personal data IT

Ransomware Health Data Breach Affects 500,000 Patients

Hunton Privacy

JUNE 30, 2017

The attack is the second largest health data breach recorded by the Office for Civil Rights (“OCR”) this year, and the largest ransomware incident recorded by OCR since it began tracking incidents in 2009. According to Airway Oxygen’s statement , the company discovered the presence of ransomware on its systems in April 2017.

Data breaches

Data breaches Ransomware Insurance Access

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

Hunton Privacy

JANUARY 6, 2010

On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire.

Privacy

Privacy Security Encryption Communications

HHS Official Reports Uptick in HIPAA Security Rule Enforcement

Hunton Privacy

MAY 14, 2010

Prior to 2009, HHS divided civil enforcement responsibility for HIPAA between OCR, which enforced the HIPAA Privacy Rule, and the Centers for Medicare and Medicaid Services (“CMS”), which enforced the HIPAA Security Rule.

Security

Security CMS Compliance Privacy

Connecticut AG Files First HITECH Act Suit

Hunton Privacy

JANUARY 15, 2010

The case marks the first action by a state attorney general under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act to enforce provisions of the Health Insurance Portability and Accountability Act (“HIPAA”). Health Net did not begin notifying affected individuals until November 2009.

Insurance

Insurance Privacy Security Encryption

New Self-Regulatory Principles for Multi-Site Data

Hunton Privacy

NOVEMBER 10, 2011

The Principles are designed to supplement the Self-Regulatory Principles for Online Behavioral Advertising which were issued in July 2009. In a press release announcing the Multi-Site Data Principles, the DAA stated that they adopted many of the FTC’s recommendations from its recent privacy report.

Data collection

Data collection Insurance Privacy Marketing

Data Security Breach Notification Law Update

Hunton Privacy

AUGUST 5, 2009

The Missouri law’s noteworthy provisions include a broad definition of personal information that encompasses medical and health insurance information and a requirement to notify consumer reporting agencies and the state attorney general if more than 1,000 consumers are being notified of a security breach.

Security

Security Data breaches Insurance Data Privacy

Connecticut Fines Health Net $375,000 for Data Breach

Hunton Privacy

NOVEMBER 10, 2010

On November 8, 2010, Connecticut Insurance Commissioner Thomas Sullivan announced that Health Net of Connecticut, Inc. (“Health Net”) had agreed to pay $375,000 in penalties for failing to safeguard the personal information of its members from misuse by third parties.

Data breaches

Data breaches Insurance Security IT

Rite Aid Pharmacy Pays $1 Million; Settles FTC and HHS Charges Regarding Data Practices

Hunton Privacy

JULY 28, 2010

Although you have the right not to disclose your medical history, Rite Aid would like to assure you that we respect and protect your privacy.” At the same time, HHS began investigating the pharmacies’ disposal of health information protected by the Health Insurance Portability and Accountability Act.

Insurance

Insurance Compliance Privacy Information Security

Interim Final Rule Implements Increased Penalties for HIPAA Violations

Hunton Privacy

OCTOBER 30, 2009

The interim final rule is expected to be published in the Federal Register on October 30, 2009 and takes effect on November 30, 2009. The rule applies to violations of the Health Insurance Portability and Accountability Act of 2003 (“HIPAA”) that occur on or after February 18, 2009. million per calendar year.

Insurance

Insurance Access IT Privacy

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

Data Matters

NOVEMBER 5, 2018

The Federal Highway Administration will pursue an updated to the 2009 Manual on Uniform Traffic Control Devices that will take into consideration the rapid development of automated technologies and other needs. Department of Transportation Issues Third Round of Guidance on Automated Vehicles appeared first on Data Matters Privacy Blog.

Cybersecurity

Cybersecurity Government Communications Privacy

Becoming HITECH: Actions Covered Entities and Business Associates Should Take Now to Comply with the Requirements of the HITECH Act

Hunton Privacy

SEPTEMBER 23, 2009

The Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), which was signed into law in February 2009 as part of the economic stimulus package, substantially impacts requirements imposed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Insurance

Insurance Compliance Privacy Security

Agencies Issue Final Rules on Credit Report Accuracy under FACTA

Hunton Privacy

JULY 16, 2009

The accuracy and integrity of information contained in credit reports is critical to individual consumers, as this information is used to assess eligibility for credit, employment, insurance and housing, and consumers with errors in their credit reports may be denied access to benefits.

Insurance

Insurance Access IT Privacy

FTC and HHS Issue Final Breach Notification Rules

Hunton Privacy

AUGUST 28, 2009

The FTC Final Rule applies to all breaches discovered on or after September 24, 2009, and to “foreign and domestic vendors of personal health records, PHR related entities, and third party service providers” that “maintain information of U.S. citizens or residents.”

Insurance

Insurance Compliance Encryption Information Security

HIPAA Penalty Caps to Be Reduced and Tied to Culpability Level

HL Chronicle of Data Protection

APRIL 29, 2019

Under the HITECH Act of February 2009, Congress strengthened HHS’s HIPAA enforcement authority by authorizing increased minimum and maximum potential Civil Monetary Penalties (CMPs) for HIPAA violations. Background on HHS’s Enforcement Authority. 4) the violation was due to willful neglect that is not timely corrected.

Compliance

Compliance IT Insurance Privacy

Google Responds: No,That’s Not How Facebook Deal Went Down (Oh, And I Say: The Search Paradigm Is Broken)

John Battelle's Searchblog

JANUARY 12, 2012

In that story, I reported about 2009 negotiations over incorporation of Facebook data into Google search. In 2009, we were negotiating with Facebook over access to its data, as has been reported. To claim that the we couldn’t reach an agreement because Google wanted to make private data publicly available is simply untrue.”.

Search queries

Search queries Privacy IT Insurance

New HIPAA Omnibus Rule: A Compliance Guide

Hunton Privacy

JANUARY 25, 2013

On January 17, 2013, the Department of Health and Human Services’ (“HHS’”) Office for Civil Rights (“OCR”) released its long-anticipated megarule (“Omnibus Rule”) amending the HIPAA Privacy, Security, Breach Notification and Enforcement Rules. Changes to the Breach Notification Framework.

Compliance

Compliance Communications Privacy Sales

Digital Health Industry Take Note: New HIPAA Comment Opportunity and Guidance Addresses Growing Risk of Cybersecurity Attacks

Data Matters

MAY 6, 2022

Digital health companies should take note of new data privacy and security developments under the Health Insurance Portability and Accountability Act (HIPAA) that can affect product planning and customer negotiations. RFI Regarding Recognized Security Practices.

Risk

Risk Cybersecurity Insurance Authentication

The New Wave of Consumer Class Actions Targeting Retailers: What is the TCCWNA?

Hunton Privacy

JUNE 21, 2016

As a result, a wide variety of terms and conditions commonly found on many retailers’ websites, including exculpatory, indemnification, choice of law, severability, savings, privacy and limitation of liability provisions, have been coming under increasing scrutiny. But, in the past five or six years, things have changed.

Retail

Retail Compliance Insurance Risk

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

This part also discusses managing CS risks such as ransomware, privacy, change management, and user adoption. The PoC may focus on user adoption of new tools and processes, reports, inter-operability with existing systems, threat risk assessment, security, and privacy, depending on the data that will eventually be stored in the cloud.

Digital transformation

Digital transformation Risk IT Computer and Electronics

The Indian Business Responsibility and Sustainability Report (BRSR) explained

IBM Big Data Hub

JULY 6, 2023

These new reporting standards represent an evolution from the voluntary guidelines first issued in 2009 by India’s Ministry of Corporate Affairs, which were further refined in the Business Responsibility Report (BRR) of 2012. Businesses should respect and promote the well-being of all employees, including those in their value chains.

Insurance

Insurance Government Data structuring Communications

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Hunton Privacy

APRIL 3, 2009

On March 20, 2009, the Federal Trade Commission (“FTC”) published its long-awaited guide to the Red Flags Rule (the “Rule”), entitled “Fighting Fraud with Red Flags Rule: A How-To Guide for Business.” For entities subject to the FTC’s jurisdiction, the relevant compliance deadline is May 1, 2009.

Compliance

Compliance Retail Insurance Manufacturing

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Founded in 2009, a16z already has an extensive track record of success, investing in over 500 companies and producing 160 exits. Formerly located in Cambridge, Massachusetts, Greylock migrated headquarters to Menlo Park, California, in 2009. EEP Investments. Insight Partners. Insight Investments.

Cybersecurity

Cybersecurity Cloud Marketing Security

Information Management Today

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

HHS Issues Proposed Rule Modernizing HIPAA Privacy Rule

Webinars

Trending Sources

Connecticut AG Announces Agreement with MetLife over 2009 Breach Incident

Webinars

U.S. Department of Health and Human Services Expands Its Health Information Privacy Enforcement Team

Nationwide Agrees to Pay $5.5 Million to Settle Multistate Data Breach Investigation

HHS Announces 1.7 Million Dollar Settlement with WellPoint for Potential HIPAA Privacy and Security Rule Violations

HHS Issues Final Omnibus Rule Modifying HIPAA Privacy, Security, Enforcement and Breach Notification Rules

Alleged Violations of a Privacy Policy

California Medical Privacy Laws

HHS Issues Modifications to the HIPAA Privacy, Security and Enforcement Rules

Update: Privacy and the Protection of Personal Information in China

Ransomware Health Data Breach Affects 500,000 Patients

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

HHS Official Reports Uptick in HIPAA Security Rule Enforcement

Connecticut AG Files First HITECH Act Suit

New Self-Regulatory Principles for Multi-Site Data

Data Security Breach Notification Law Update

Connecticut Fines Health Net $375,000 for Data Breach

Rite Aid Pharmacy Pays $1 Million; Settles FTC and HHS Charges Regarding Data Practices

Interim Final Rule Implements Increased Penalties for HIPAA Violations

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

Becoming HITECH: Actions Covered Entities and Business Associates Should Take Now to Comply with the Requirements of the HITECH Act

Agencies Issue Final Rules on Credit Report Accuracy under FACTA

FTC and HHS Issue Final Breach Notification Rules

HIPAA Penalty Caps to Be Reduced and Tied to Culpability Level

Google Responds: No,That’s Not How Facebook Deal Went Down (Oh, And I Say: The Search Paradigm Is Broken)

New HIPAA Omnibus Rule: A Compliance Guide

Digital Health Industry Take Note: New HIPAA Comment Opportunity and Guidance Addresses Growing Risk of Cybersecurity Attacks

The New Wave of Consumer Class Actions Targeting Retailers: What is the TCCWNA?

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

The Indian Business Responsibility and Sustainability Report (BRSR) explained

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Top VC Firms in Cybersecurity of 2022

Stay Connected