Privacy and data protection continue to be an exploding area of focus for regulators in the United States and beyond. This report gives in-house counsel and others responsible for privacy and data protection an overview of some of the major developments in this area in 2013 around the globe, as well as a prediction of what is to come in 2014.
by Daniel F. Gottlieb and Edward G. Zacharias
The compliance date for the omnibus final rule amending the privacy, security, breach notification and enforcement regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act is less than two months away for health care providers, health plans, other covered entities and their business associates. The changes require covered entities and their business associates to conduct a security risk assessment; revise their existing privacy, security and breach notification policies and procedures; amend their business associate agreements; and retrain their workforce on the revised policies.
The final rule includes the following changes:
by Jorge R. Arciniega, Elisabeth Malis Morgan and Heather Egan Sussman
The U.S. Federal Trade Commission (FTC) released updated guidance on how to make online advertising and marketing disclosures “clear and conspicuous” to avoid consumer deception. The guidelines affect the structure and format of digital advertisements and marketing initiatives such as the use of endorsements and testimonials.
To read the full article, click here.
by Amy M. Gordon and Jamie A. Weyeneth
Final HIPAA privacy and security regulations issued by the U.S. Department of Health and Human services will require action by group health plan sponsors by September 2013.
To read the full article, click here.
by Bernadette Broccolo, Daniel F. Gottlieb, Jennifer S. Geetter, Ryan S. Higgins, Amy Hooper Kearbey and Edward G. Zacharias
The Office for Civil Rights of the U.S. Department of Health and Human Services published final modifications to the privacy, security and breach notification standards under HIPAA and the HITECH Act, which require covered entities and business associates to update their policies, procedures, agreements, security measures and operations to comply with new restrictions and requirements, and to benefit from new flexibility.
To read the full White Paper, click here.
by Daniel F Gottlieb, Heather Egan Sussman and Randall J. Ortman
A new Federal Trade Commission report urges mobile app platforms and developers to better inform consumers about their privacy practices. Mobile app platforms and developers should review their privacy policies to ensure accuracy, transparency and appropriate level of consumer choice.
To read the full article, click here.
For more information, please contact Heather Egan Sussman, Daniel F. Gottlieb or Rohan Massey.
Privacy and data protection continue to be an exploding area of focus for regulators in the United States and beyond. This Special Report gives in-house counsel and others responsible for privacy and data protection an overview of some of the major developments in this area in 2012 around the globe, as well as a prediction of what is to come in 2013.
To read the full article, click here.
by Amy M. Gordon, Susan M. Nash and Jamie A. Weyeneth
The Health Insurance Portability and Accountability Act omnibus regulations recently released by the U.S. Department of Health and Human Services have significant ramifications for business associates and subcontractors of business associates.
To read the full article, click here.
by Volker Teigelkötter and Bettina Holzberger
In 2009, the German public was shaken by several scandals that revealed a number of international companies systematically, continuously and comprehensively monitored their employees’ personal data. This included spying on employees’ private bank accounts and secretly observing employees in their offices via hidden video surveillance.
Even though the general Federal Data Protection Act (the BDSG) was effective at the time, the German Government came to the welcome conclusion that it was necessary to implement a data protection act dedicated to the particularly sensitive relationship between employers and employees, with the primary objective of protecting employees and their right to privacy.
To read the full article, click here.
by Jennifer S. Geetter, Amy M. Gordon, Daniel F. Gottlieb and Amy Hooper Kearbey
Office of Civil Rights has released additional guidance addressing the de-identification of protected health information in accordance with the HIPAA Privacy Rule. Covered entities should review their current de-identification methods and make any necessary changes to comply with the new guidance.
To read the full article, click here.
Subscribe
