Healthcare Information Security

State Patient Privacy Laws

HIPAA Info Included in Updated MD Data Breach Notification Law

November 14, 2017 - Maryland has updated its data breach notification law, with information protected under HIPAA to be included under the definition of personal information. Should that data be compromised in a data breach, state organizations will need to notify consumers. The new provisions under the Maryland Personal Information Protection Act (HB 974) will go into effect on January 1, 2018. Personal information...


More Articles

Proposals Made for Improved State Data Breach Laws

by Elizabeth Snell

The large-scale Equifax data breach has pushed some states into creating more stringent state data breach laws, looking to close gaps in how sensitive consumer information is protected. The Vermont House Committee on Commerce and Economic Development...

What Should Entities Expect with OCR HIPAA Enforcement?

by Elizabeth Snell

There have been nine OCR HIPAA enforcement settlements so far in 2017, highlighting the need for covered entities and business associates to focus on audit controls, risk management, and business associate agreements. While there has been a new...

Single National Data Breach Notification Standard Proposed

by Elizabeth Snell

A recently proposed bill calls for a single national data breach notification standard, which would replace the existing state notification laws and “clarify and strengthen” organizations’ reporting obligations. Rhode Island...

Tech Company Agrees to $264K Vermont Data Breach Settlement

by Elizabeth Snell

Technology company SAManage USA, Inc. recently agreed to pay $264,000 as part of a data breach settlement with the Vermont Attorney General, following a July 2016 incident. SAManage provides cloud-based IT support, which was used by WEX Health...

How Health Data Security Relates to Healthcare Biometrics

by Elizabeth Snell

Increasing government initiatives for improved health data security and privacy have helped aid to the growth of the healthcare biometrics market, according to a recent MarketsandMarkets report. More healthcare facilities are looking to combat...

DE Data Breach Notification Law Includes Medical Information

by Elizabeth Snell

Delaware Governor John Carney signed a bill last week to update the state’s data breach notification requirements. As part of extending cybersecurity protections, the law accounts for medical information being compromised in data breaches....

Patient Privacy Included in Recent Opioid Records Senate Bill

by Elizabeth Snell

Recently passed legislation states that HHS will establish guidelines for when healthcare providers should prominently display a patient’s history of opioid use on his or her medical record. The bill also underlines the importance of maintaining...

CA Supreme Court Rejects Physician Patient Privacy Claim

by Elizabeth Snell

A California physician’s claim that the state medical board committed patient privacy violations when it obtained an individual’s prescription records without a warrant was recently rejected by the California Supreme Court. The medical...

Va. Data Breach Legislation Update Accounts for Payroll Data

by Elizabeth Snell

Virginia recently updated its data breach legislation to require notification should payroll data become compromised. The amended statute applies to employers or payroll service providers who experience unauthorized access and acquisition of...

Do Healthcare Data Breach Lawsuits Have Reasonable Standards?

by Elizabeth Snell

Being able to prove fault in a healthcare data breach class action lawsuit is inherently difficult, but it is also important to understand the privacy expectations, according to a recent Corporate Clients Insight blog post. Data breach cases...

TN Updates Data Breach Notification Law for Encrypted Data

by Elizabeth Snell

Any person or business that conducts business in Tennessee is only required give data breach notification if the information acquired was unencrypted, according to a recently passed amendment. Amended Senate Bill 547 states that encrypted data...

N.M. Senate Committee Passes Data Breach Notification Bill

by Elizabeth Snell

A New Mexico data breach notification bill was recently passed by a state Senate Committee, and will move onto the Senate Judiciary Committee, according to the Los Alamos Daily Post.   Rep. Bill Rehm introduced House Bill 15, and explained...

Recent Cybersecurity Bill Focuses on State, Local Preparation

by Elizabeth Snell

A reintroduced cybersecurity bill hopes to help state and local governments fight against the increasing number of cybersecurity threats. The State and Local Cyber Protection Act will require more coordination with the Department of...

Mass. Launches Online Data Breach Notification Archive

by Elizabeth Snell

As part of the recently updated Massachusetts Public Records Law, the state’s Office of Consumer Affairs and Business Regulation made its online Data Breach Notification Archive available to the public. Governor Charlie Baker signed the...

NGA Publishes State Road Map for Secure Health Data Exchange

by Elizabeth Snell

Under an agreement with the Office of the National Coordinator (ONC), the National Governors Association (NGA) released guidance with potential steps that could improve the flow of electronic health information within, and among states. Ensuring...

Are More State Data Breach Notification Laws Recognizing PHI?

by Elizabeth Snell

Federal regulations, such as HIPAA and the HITECH Rule, garner the majority of attention when it comes to the data breach notification process. However, state laws also exist, and tend to vary. Covered entities and business associates must ensure...

IL Data Breach Notification Law to Include Healthcare Data

by Jacqueline Belliveau

Last month, Illinois Governor Bruce Rauner signed several amendments to a data breach notification law that would impact healthcare data security regulations starting in 2017. Under the revised Personal Information Privacy Act, protected personal...

Proposed NY Data Breach Legislation Accounts for PHI Security

by Elizabeth Snell

Pending data breach legislation in New York could potentially affect the future of PHI security, as the proposed bill would include individuals’ medical information under its definition of personal information. If the bill passes, unsecured...

Neb. Data Breach Notification Law Clarifies Encryption Aspect

by Elizabeth Snell

Nebraska Governor Pete Ricketts signed an amended version of the state’s data breach notification law last month, which further clarifies the data encryption exemption and expands the definition of personal information. LB835 made changes...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks