2009, Insurance, Privacy and Security - Information Management Today

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity

Cybersecurity Privacy Insurance Risk

HHS Issues Proposed Rule Modernizing HIPAA Privacy Rule

Data Matters

DECEMBER 15, 2020

HHS stated that the Proposed Rule is intended to reduce burdens that may limit or discourage care coordination and case management communications among individuals and HIPAA-covered entities while continuing to protect the privacy of individuals. Notice of Privacy Practices Changes. Identity Verification.

Privacy

Privacy Access Insurance Communications

Connecticut AG Announces Agreement with MetLife over 2009 Breach Incident

Hunton Privacy

JANUARY 27, 2012

On January 24, 2011, Connecticut Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein announced that they had reached an Assurance of Voluntary Compliance (“AVC”) with Metropolitan Life Insurance Co.

Insurance

Insurance Compliance Security IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

HHS Issues Final Omnibus Rule Modifying HIPAA Privacy, Security, Enforcement and Breach Notification Rules

Hunton Privacy

JANUARY 17, 2013

The Final Rule comes two and a half years after the proposed rule was published in July 2010. The Final Rule comes two and a half years after the proposed rule was published in July 2010.

Privacy

Privacy Security Insurance Marketing

HHS Announces 1.7 Million Dollar Settlement with WellPoint for Potential HIPAA Privacy and Security Rule Violations

Hunton Privacy

JULY 12, 2013

following a security breach that affected over 600,000 individuals. Following the submission of a breach report to the HHS Office for Civil Rights (“OCR”), an investigation determined that WellPoint had not complied with HIPAA Privacy and Security Rule requirements. million settlement with WellPoint Inc.

Privacy

Privacy Security Insurance Access

HHS Issues Modifications to the HIPAA Privacy, Security and Enforcement Rules

Hunton Privacy

JULY 8, 2010

On July 8, 2010, the Department of Health and Human Services (“HHS”) issued a notice of proposed rulemaking to modify the Privacy, Security and Enforcement Rules promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996.

Privacy

Privacy Security Marketing Insurance

Nationwide Agrees to Pay $5.5 Million to Settle Multistate Data Breach Investigation

Hunton Privacy

AUGUST 10, 2017

On August 9, 2017, Nationwide Mutual Insurance Co. In October 2012, Nationwide and its affiliate, Allied Property & Casualty Insurance Co. According to the attorneys general, Nationwide and Allied had failed to deploy a critical software patch that was released in 2009 to address the vulnerability. million individuals. .

Data breaches

Data breaches Insurance Data collection Risk

HHS Official Reports Uptick in HIPAA Security Rule Enforcement

Hunton Privacy

MAY 14, 2010

Prior to 2009, HHS divided civil enforcement responsibility for HIPAA between OCR, which enforced the HIPAA Privacy Rule, and the Centers for Medicare and Medicaid Services (“CMS”), which enforced the HIPAA Security Rule.

Security

Security CMS Compliance Privacy

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

Hunton Privacy

JANUARY 6, 2010

On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire.

Privacy

Privacy Security Encryption Communications

Data Security Breach Notification Law Update

Hunton Privacy

AUGUST 5, 2009

July saw a flurry of activity involving data security breach notification laws. . On July 22, Senator Patrick Leahy reintroduced a comprehensive federal data security bill calling it one of his “highest legislative priorities.”. The Missouri law goes into effect August 28, 2009.

Security

Security Data breaches Insurance Data Privacy

California Medical Privacy Laws

Hunton Privacy

JANUARY 22, 2009

Two California medical privacy laws became effective on January 1, 2009. In contrast, other medical privacy regulations, including the Privacy Rule promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), focus only on the unauthorized use or disclosure of protected health information.

Privacy

Privacy Insurance Access Security

Alleged Violations of a Privacy Policy

Hunton Privacy

FEBRUARY 4, 2009

A recent federal court decision offers a detailed analysis of several theories of liability for violations of a privacy policy. 08-3535, 2009 WL 43098 (E.D. January 7, 2009). Jackson Hewitt Tax Service Inc., Plaintiff Pinero visited Jackson Hewitt Tax Service in Louisiana to have her tax returns prepared.

Privacy

Privacy Insurance Risk Access

Update: Privacy and the Protection of Personal Information in China

Hunton Privacy

FEBRUARY 16, 2011

In our August 2009 blog post on data protection issues in China, we noted that there was no uniform Chinese law that specifically addresses the protection of personal data, and that it seemed likely that Chinese personal information protection law would continue to develop as a patchwork of piecemeal regulations.

Privacy

Privacy Insurance Personal data IT

Ransomware Health Data Breach Affects 500,000 Patients

Hunton Privacy

JUNE 30, 2017

The attack is the second largest health data breach recorded by the Office for Civil Rights (“OCR”) this year, and the largest ransomware incident recorded by OCR since it began tracking incidents in 2009. According to Airway Oxygen’s statement , the company discovered the presence of ransomware on its systems in April 2017.

Data breaches

Data breaches Ransomware Insurance Access

Connecticut AG Files First HITECH Act Suit

Hunton Privacy

JANUARY 15, 2010

for allegedly failing to secure private patient medical records and financial information involving hundreds of thousands of Connecticut enrollees and promptly notify consumers endangered by the security breach. Health Net did not begin notifying affected individuals until November 2009. In a lawsuit he described as “[s]adly.

Insurance

Insurance Privacy Security Encryption

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

Data Matters

NOVEMBER 5, 2018

The Federal Highway Administration will pursue an updated to the 2009 Manual on Uniform Traffic Control Devices that will take into consideration the rapid development of automated technologies and other needs. Department of Transportation Issues Third Round of Guidance on Automated Vehicles appeared first on Data Matters Privacy Blog.

Cybersecurity

Cybersecurity Government Communications Privacy

Rite Aid Pharmacy Pays $1 Million; Settles FTC and HHS Charges Regarding Data Practices

Hunton Privacy

JULY 28, 2010

Although you have the right not to disclose your medical history, Rite Aid would like to assure you that we respect and protect your privacy.” At the same time, HHS began investigating the pharmacies’ disposal of health information protected by the Health Insurance Portability and Accountability Act.

Insurance

Insurance Compliance Privacy Information Security

Connecticut Fines Health Net $375,000 for Data Breach

Hunton Privacy

NOVEMBER 10, 2010

On November 8, 2010, Connecticut Insurance Commissioner Thomas Sullivan announced that Health Net of Connecticut, Inc. (“Health Net”) had agreed to pay $375,000 in penalties for failing to safeguard the personal information of its members from misuse by third parties.

Data breaches

Data breaches Insurance Security IT

FTC and HHS Issue Final Breach Notification Rules

Hunton Privacy

AUGUST 28, 2009

On August 17, the Federal Trade Commission (“FTC”) issued a final rule (“FTC Final Rule”) addressing security breaches of personal health records (“PHRs”). Full compliance is required by February 22, 2010. The FTC Final Rule requires PHR vendors and PHR related entities to notify U.S.

Insurance

Insurance Compliance Encryption Information Security

Becoming HITECH: Actions Covered Entities and Business Associates Should Take Now to Comply with the Requirements of the HITECH Act

Hunton Privacy

SEPTEMBER 23, 2009

The Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), which was signed into law in February 2009 as part of the economic stimulus package, substantially impacts requirements imposed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Insurance

Insurance Compliance Privacy Security

New HIPAA Omnibus Rule: A Compliance Guide

Hunton Privacy

JANUARY 25, 2013

On January 17, 2013, the Department of Health and Human Services’ (“HHS’”) Office for Civil Rights (“OCR”) released its long-anticipated megarule (“Omnibus Rule”) amending the HIPAA Privacy, Security, Breach Notification and Enforcement Rules. Changes to the Breach Notification Framework.

Compliance

Compliance Communications Privacy Sales

Digital Health Industry Take Note: New HIPAA Comment Opportunity and Guidance Addresses Growing Risk of Cybersecurity Attacks

Data Matters

MAY 6, 2022

Digital health companies should take note of new data privacy and security developments under the Health Insurance Portability and Accountability Act (HIPAA) that can affect product planning and customer negotiations. RFI Regarding Recognized Security Practices.

Risk

Risk Cybersecurity Insurance Authentication

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

This part also discusses managing CS risks such as ransomware, privacy, change management, and user adoption. Commissioned by organizers to predict worst-case scenarios for the Munich games, [Georg] Sieber came up with a range of possibilities, from explosions to plane crashes, for which security teams should be prepared. Introduction.

Digital transformation

Digital transformation Risk IT Computer and Electronics

The Indian Business Responsibility and Sustainability Report (BRSR) explained

IBM Big Data Hub

JULY 6, 2023

These new reporting standards represent an evolution from the voluntary guidelines first issued in 2009 by India’s Ministry of Corporate Affairs, which were further refined in the Business Responsibility Report (BRR) of 2012. Businesses should respect and promote the well-being of all employees, including those in their value chains.

Insurance

Insurance Government Data structuring Communications

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Hunton Privacy

APRIL 3, 2009

On March 20, 2009, the Federal Trade Commission (“FTC”) published its long-awaited guide to the Red Flags Rule (the “Rule”), entitled “Fighting Fraud with Red Flags Rule: A How-To Guide for Business.” For entities subject to the FTC’s jurisdiction, the relevant compliance deadline is May 1, 2009.

Compliance

Compliance Retail Insurance Manufacturing

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. How Do VC Firms Work? AllegisCyber Investments.

Cybersecurity

Cybersecurity Cloud Marketing Security

Information Management Today

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

HHS Issues Proposed Rule Modernizing HIPAA Privacy Rule

Webinars

Trending Sources

Connecticut AG Announces Agreement with MetLife over 2009 Breach Incident

Webinars

HHS Issues Final Omnibus Rule Modifying HIPAA Privacy, Security, Enforcement and Breach Notification Rules

HHS Announces 1.7 Million Dollar Settlement with WellPoint for Potential HIPAA Privacy and Security Rule Violations

HHS Issues Modifications to the HIPAA Privacy, Security and Enforcement Rules

Nationwide Agrees to Pay $5.5 Million to Settle Multistate Data Breach Investigation

HHS Official Reports Uptick in HIPAA Security Rule Enforcement

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

Data Security Breach Notification Law Update

California Medical Privacy Laws

Alleged Violations of a Privacy Policy

Update: Privacy and the Protection of Personal Information in China

Ransomware Health Data Breach Affects 500,000 Patients

Connecticut AG Files First HITECH Act Suit

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

Rite Aid Pharmacy Pays $1 Million; Settles FTC and HHS Charges Regarding Data Practices

Connecticut Fines Health Net $375,000 for Data Breach

FTC and HHS Issue Final Breach Notification Rules

Becoming HITECH: Actions Covered Entities and Business Associates Should Take Now to Comply with the Requirements of the HITECH Act

New HIPAA Omnibus Rule: A Compliance Guide

Digital Health Industry Take Note: New HIPAA Comment Opportunity and Guidance Addresses Growing Risk of Cybersecurity Attacks

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

The Indian Business Responsibility and Sustainability Report (BRSR) explained

FTC Publishes Red Flags Rule Compliance Guide; Confirms Broad Interpretation of the Rule

Top VC Firms in Cybersecurity of 2022

Stay Connected