Data Privacy & Cybersecurity PracticeIn 2014, a business associate of a healthcare entity was notified by law enforcement that it had suffered a cyberattack to the company's information system. The hackers were able to access and exfiltrate the health information of more than 6 million people from numerous entities served by the business associate. In addition to a fine issued by OCR, a related covered entity was sued and a multimillion-dollar settlement was reached. OCR placed the covered entity under a very detailed corrective action plan.
Read more »Tag: hhs ocr
-
The Next Major Public Health Crisis Posted on: October 15, 2020 In: Data Privacy & Cybersecurity
Blog Search
Featured Posts
- June 11, 2021 Using Artificial Intelligence to Track Growing Remote Workforce and Related Litigation Implications
- June 07, 2021 Backup, Separate, & Secure: White House Cyber Recommendations Reach the Private Sector
- June 02, 2021 How to Protect Your Investment in Employees in a Tight Labor Market
- March 29, 2021 Complaint Itself Cannot Meet Knowledge Requirement For Indirect & Willfulness Claims, Says Delaware District Court
Blog Tags
alabama
arkansas
audit
bank secrecy act
biometric data
breach notification
california
canada
ccpa
client notification
colorado
congress
connecticut
consumer notification
consumer rights
coronavirus
covid-19
cpra
cryptocurrency
cyber insurance
cybersecurity
cyber threat
data breach
data privacy
data protection officer
data security
delaware
email
employment
equifax
ethereum
eu
eu-u.s. privacy shield
european union
executive order
fbi
fcra
federal trade commission
fincen
fraud
ftc
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
incident response
information security
irs
legislation
legislative alert
malware
managed service providers
maryland
massachusetts
microsoft
microsoft exchange servers
microsoft office 365
multi-factor authentication
multi-factor identification
net neutrality
new jersey
new mexico
new york
ninth circuit
nist
nist security controls
nydfs
opt out
patient information
personal data
personal information
phishing
privacy settings
protected health information
ransomware
rdp
regulations
security posture assessment
service provider agreement
social engineering
social media
social security
soppa
statute
supreme court
tax returns
tennessee
utah
video-teleconferencing
virginia
w2
washington
websites
workplace policy
zoom