Amy C. Pimentel
Subscribe to Amy C. Pimentel's Posts
Amy C. Pimentel focuses her practice on privacy and data security and general health law. Her clients operate in a variety of industries, including health care, consumer products, retail, food and beverage, technology, banking and other financial services. Read Amy Pimentel's full bio.
The Continuing Disconnect between the Health Care Industry and OCR on HIPAA’s Risk Analysis Requirement
By Amy C. Pimentel, David Quinn Gacioch and Edward G. Zacharias on May 6, 2018
Posted In Cybersecurity, Data Privacy, Telehealth
Lack of a sufficient risk analysis continues to be one of the most commonly alleged violations in Office for Civil Rights (OCR) HIPAA enforcement actions, appearing in half of all OCR settlements announced in the last 12 months and in almost all of the $1 million-plus settlements during that time period. Significant confusion remains across...
By Vanessa K. Burrows, McDermott Will & Emery, Amanda Enyeart, Anisa Mohanty, Amy C. Pimentel, Bernadette M. Broccolo, Dale C. Van Demark, Jiayan Chen, Lisa Mazur, Marshall E. Jackson, Jr., Michael W. Ryan, Ryan S. Higgins and Scott Weinstein on Mar 20, 2018
Posted In Big Data, Cloud, Consumer Protection, Data Privacy, General Interest, Telehealth
Designed to provide business leaders and their key advisors with the knowledge and insight they need to grow and sustain successful digital health initiatives, we are pleased to present The Law of Digital Health, a new book edited and authored by McDermott’s team of distinguished digital health lawyers, and published by AHLA. Visit www.mwe.com/lawofdigitalhealth to order this...
By Amy C. Pimentel, Bernadette M. Broccolo and Daniel F. Gottlieb on Feb 7, 2018
Posted In Big Data, Consumer Protection, Data Privacy, Workplace Privacy
The General Data Protection Regulation (GDPR) establishes protections for the privacy and security of personal data (Personal Data) about individuals in the European Union (EU) single market countries, and potentially affects the clinical and other scientific research activities of academic medical centers and other research organizations in the United States. This On the Subject includes...
By Amy C. Pimentel, Katherine F. Froelicher, Michael G. Morgan, Mark E. Schreiber and Romain Perray on Oct 17, 2017
Posted In Cybersecurity, Data Privacy, Data Transfers/Safe Harbor/Privacy Shield
The validity of Model Clauses for EU personal data transfer to the United States is now in real doubt as a result of a new Irish High Court judgment stating that there are “well founded grounds” to find the Model Clauses invalid. The issue of Model Clauses as a legitimate data transfer mechanism will now...
By Amy C. Pimentel, Michael G. Morgan and William M. Friedman on Sep 27, 2017
Posted In Cybersecurity, Data Privacy, General Interest
The US Department of Transportation’s National Highway Traffic Safety Administration recently released A Vision for Safety 2.0, an update to its prior guidance on automated driving systems. The new guidance adopts a voluntary, flexible approach to regulation of automated driving systems and clarifies that it alone, and not the states, is responsible for regulating the...
By Amy C. Pimentel on Jul 28, 2017
Posted In Consumer Protection, Cybersecurity, Data Privacy, General Interest
New technologies and the expansion of the Internet of Things have allowed children of this generation to experience seamless interactive technologies through microphones, GPS devices, speech recognition, sensors, cameras and other technological capabilities. These advancements create new markets for entertainment and education alike and, in the process, collect endless amounts of data from children–from their...
By Amy C. Pimentel on Mar 31, 2017
Posted In Advertising & Marketing, Consumer Protection, General Interest, Telehealth, Text Messaging
In an age where providers are increasingly taking the management of their patient’s health online and out of the doctor’s office, the creation of scalable and nimble patient engagement tools can serve to improve patient experience, health care outcomes and health care costs. While the level of enthusiasm for these tools is at an all-time...
ECJ Confirms Dynamic IP Address May Constitute Personal Data But Can Be Logged to Combat Cyberattacks
By Amy C. Pimentel and Dr. Claus Färber on Oct 31, 2016
Posted In Cybersecurity, Data Privacy, Data Transfers/Safe Harbor/Privacy Shield, General Interest
On 19 October 2016, the European Court of Justice (ECJ) held (Case C-582/14 – Breyer v Federal Republic of Germany) that dynamic IP addresses may constitute personal data. The ECJ also held that a website operator may collect and process IP addresses for the purpose of protecting itself against cyberattacks, because in the view of...
The Privacy Shield: September 30, 2016, Deadline for Early Self-Certification Offers Compliance Opportunity and Risk
By McDermott Will & Emery, Amy C. Pimentel and Michael G. Morgan on Sep 6, 2016
Posted In Data Privacy, Data Transfers/Safe Harbor/Privacy Shield
The European Commission recently determined that the Privacy Shield Framework is adequate to legitimize data transfers under EU law, providing a replacement for the Safe Harbor program. The Privacy Shield is designed to provide organizations on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data...
By Amy C. Pimentel on Jan 25, 2016
Posted In Big Data, Consumer Protection, Data Privacy
On January 6, the Federal Trade Commission (FTC) released a report that it hopes will educate organizations on the important laws and research that are relevant to big data analytics. The report, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues, looks specifically at how big data is used after it is collected...