Privacy and Data Security Archives - Page 12 of 22

Whistleblowing and Data Privacy in France: A New Pragmatic Approach for Employment and Discrimination Claims

by Jilali Maazouz | Feb 20, 2014 | Privacy and Data Security

The French data protection authority has extended the scope of whistleblowing protections to employment and discrimination claims.

Click here to read the full article.

Privacy and Data Protection: 2013 Year in Review

by Daniel F. Gottlieb | Jan 7, 2014 | Health and Welfare Plans, Privacy and Data Security

Privacy and data protection continue to be an exploding area of focus for regulators in the United States and beyond. This report gives in-house counsel and others responsible for privacy and data protection an overview of some of the major developments in this area in 2013 around the globe, as well as a prediction of what is to come in 2014.

Read the full report here.

HIPAA Omnibus Final Rule Compliance Date Is Less Than Two Months Away

by McDermott Will & Emery | Aug 6, 2013 | Health and Welfare Plans, Privacy and Data Security

by Daniel F. Gottlieb and Edward G. Zacharias

The compliance date for the omnibus final rule amending the privacy, security, breach notification and enforcement regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act is less than two months away for health care providers, health plans, other covered entities and their business associates. The changes require covered entities and their business associates to conduct a security risk assessment; revise their existing privacy, security and breach notification policies and procedures; amend their business associate agreements; and retrain their workforce on the revised policies.

The final rule includes the following changes:

Business associates are directly liable for civil money penalties and criminal penalties for violations of the Privacy Rule and Security Rule.
The definition of business associate is expanded to include a subcontractor of a business associate so that subcontractors also are liable for violations of the privacy, security and breach notification standards.
The definition of a breach of unsecured protected health information (PHI) is revised to make it more difficult for a covered entity or business associate to avoid reporting an unauthorized use or disclosure of PHI to the affected individuals and the Office of Civil Rights.
A covered entity generally may not receive cash or other financial remuneration for marketing communications made for a third party’s products or services.
Certain restrictions on the use of compound authorizations in connection with research studies were changed in a way that will simplify secondary uses of PHI for research purposes.

FTC Updates Guidelines for Making Proper Disclosures in Digital Advertising

by McDermott Will & Emery | May 2, 2013 | Privacy and Data Security

by Jorge R. Arciniega, Elisabeth Malis Morgan and Heather Egan Sussman

The U.S. Federal Trade Commission (FTC) released updated guidance on how to make online advertising and marketing disclosures “clear and conspicuous” to avoid consumer deception. The guidelines affect the structure and format of digital advertisements and marketing initiatives such as the use of endorsements and testimonials.

To read the full article, click here.

New HIPAA Regulations Require Action by Group Health Plans

by McDermott Will & Emery | Mar 19, 2013 | Health and Welfare Plans, Privacy and Data Security

by Amy M. Gordon and Jamie A. Weyeneth

Final HIPAA privacy and security regulations issued by the U.S. Department of Health and Human services will require action by group health plan sponsors by September 2013.

To read the full article, click here.

OCR Issues Final Modifications to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules to Implement the HITECH Act

by McDermott Will & Emery | Mar 7, 2013 | Privacy and Data Security

by Bernadette Broccolo, Daniel F. Gottlieb, Jennifer S. Geetter, Ryan S. Higgins, Amy Hooper Kearbey and Edward G. Zacharias

The Office for Civil Rights of the U.S. Department of Health and Human Services published final modifications to the privacy, security and breach notification standards under HIPAA and the HITECH Act, which require covered entities and business associates to update their policies, procedures, agreements, security measures and operations to comply with new restrictions and requirements, and to benefit from new flexibility.

To read the full White Paper, click here.

FTC Recommends Privacy Practices for Mobile Apps

by McDermott Will & Emery | Mar 5, 2013 | Privacy and Data Security

by Daniel F Gottlieb, Heather Egan Sussman and Randall J. Ortman

A new Federal Trade Commission report urges mobile app platforms and developers to better inform consumers about their privacy practices. Mobile app platforms and developers should review their privacy policies to ensure accuracy, transparency and appropriate level of consumer choice.

To read the full article, click here.

Privacy and Data Protection: 2012 Year in Review

by McDermott Will & Emery | Feb 19, 2013 | Privacy and Data Security

For more information, please contact Heather Egan Sussman, Daniel F. Gottlieb or Rohan Massey.

Privacy and data protection continue to be an exploding area of focus for regulators in the United States and beyond. This Special Report gives in-house counsel and others responsible for privacy and data protection an overview of some of the major developments in this area in 2012 around the globe, as well as a prediction of what is to come in 2013.

To read the full article, click here.

New HIPAA Regulations Affect Business Associates and Subcontractors

by McDermott Will & Emery | Feb 14, 2013 | Privacy and Data Security

by Amy M. Gordon, Susan M. Nash and Jamie A. Weyeneth

The Health Insurance Portability and Accountability Act omnibus regulations recently released by the U.S. Department of Health and Human Services have significant ramifications for business associates and subcontractors of business associates.

To read the full article, click here.

Workplace E-mail Monitoring in Germany

by McDermott Will & Emery | Jan 2, 2013 | Employment, Privacy and Data Security

by Volker Teigelkötter and Bettina Holzberger

In 2009, the German public was shaken by several scandals that revealed a number of international companies systematically, continuously and comprehensively monitored their employees’ personal data. This included spying on employees’ private bank accounts and secretly observing employees in their offices via hidden video surveillance.

Even though the general Federal Data Protection Act (the BDSG) was effective at the time, the German Government came to the welcome conclusion that it was necessary to implement a data protection act dedicated to the particularly sensitive relationship between employers and employees, with the primary objective of protecting employees and their right to privacy.

To read the full article, click here.

BLOG EDITORS

STAY CONNECTED

TOPICS

ARCHIVES

RECENT POSTS