Archives: Data breach

Subscribe to Data breach RSS Feed

Recent $2.5 Million OCR Settlement Is a Warning to Wireless Health Service Providers

On April 24, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement in the amount of $2.5 million based on the impermissible disclosure of unsecured electronic protected health information (ePHI) by a provider of remote mobile monitoring, with … Continue Reading

OCR Guidance Underscores Importance of Authentication under HIPAA

In its tenth OCR Cyber Awareness Newsletter of the year (Newsletter), the Office for Civil Rights (OCR) reminded HIPAA-covered entities and business associates of the importance of selecting an appropriate authentication method to protect electronic protected health information (ePHI). Authentication is the process used to “verify whether someone or something is who or what it … Continue Reading

Start with Security

On June 30, 2015, the Federal Trade Commission (FTC) published “Start with Security: A Guide for Businesses” (the Guide). The Guide is based on 10 “lessons learned” from the FTC’s more than 50 data-security settlements. In the Guide, the FTC discusses a specific settlement that helps clarify the 10 lessons: Start with security; Control access to … Continue Reading

Data Breach Insurance: Does Your Policy Have You Covered?

Recent developments in two closely watched cases suggest that companies that experience data breaches may not be able to get insurance coverage under standard commercial general liability (CGL) policies. CGLs typically provide defense and indemnity coverage for the insured against third-party claims for personal injury, bodily injury or property damage. In the emerging area of … Continue Reading
LexBlog