Tag Archives: medical information

Ransomware Targets Healthcare Industry

Photo of Lynn SessionsBy Lynn Sessions and Suchismita Pahi on Posted in Uncategorized
Just four months into 2016, the healthcare industry is already facing a permanent and increasing threat to hospital operations: ransomware. Previously, BakerHostetler reported that Hollywood Presbyterian Hospital paid 40 bitcoins to access its own electronic health records after its information systems were locked with ransomware. Since then, at least five other healthcare entities have been infected with … Continue Reading

Protecting Patient Data From Hacker Ransom Demands

By Suchismita Pahi on Posted in Uncategorized
Forty bitcoins later (approximately $17,000), Hollywood Presbyterian Hospital can now access its electronic medical health records and return to treating its patients as scheduled. But as hackers develop new tools to access information, an increasing number of providers will be targeted and ransom demands will escalate, putting hospitals and patients at risk. Focusing on technical … Continue Reading

HHS Removes Barriers to Reporting Federal Mental Health Prohibitor Status for Gun Background Checks

Photo of Lynn SessionsBy Lynn Sessions and Suchismita Pahi on Posted in Uncategorized
On January 6, 2016, the U.S. Department of Health and Human Services (HHS) released amodification to the Health Insurance Portability and Accountability Act (HIPAA) removing barriers to reporting federal mental health prohibitor status for gun background check purposes. The new section, 45 C.F.R. § 164.512(k)(7), allows a covered entity to use or disclose protected health information … Continue Reading

EEOC Issues Proposed Regulations on Wellness Programs and the ADA

By Dan McClain and Brian Murray on Posted in Uncategorized
On April 20, 2015, the Equal Employment Opportunity Commission (EEOC) issued highly anticipated proposed regulations addressing the application of the Americans With Disabilities Act (ADA) to workplace wellness programs. In recent years, the EEOC has been sharply criticized for challenging employers’ wellness programs under the ADA despite not having issued regulations addressing those programs. Its … Continue Reading

Ebola Information Quarantine: Balancing Patient Privacy With Public Health

Photo of Lynn SessionsBy Lynn Sessions and Cory J. Fox on Posted in Uncategorized
Of all the complex legal issues raised by the recent cases of Ebola in the U.S., those concerning the delicate balance between preserving patients’ privacy rights and the need to disseminate information to protect public health may be overlooked by providers. First, the laws may seem complex, consisting of a patchwork of state-level privacy and … Continue Reading

Medical Information More Valuable to Hackers Than Credit Card Numbers

Photo of Lynn SessionsBy Lynn Sessions and Nita Garg on Posted in Uncategorized
In light of the recently reported large healthcare data breaches that have resulted in the potential theft of the personal information of millions of patients, the FBI warned healthcare providers yet again of the dangers of cyber attacks. Healthcare providers, already sensitive to the need for increased patient data protection in response to the 2013 … Continue Reading

Hobby Lobby: Likely First of Many Cases Pitting Religion Against ACA

By Virginia Medina on Posted in Uncategorized
The U.S. Supreme Court on June 30, 2014, ruled 5-4 that a closely held, for-profit corporation can qualify for an exemption from the U.S. Department of Health and Human Services (HHS) requirements mandating contraceptive coverage for employees. The exemption is only available if the mandate imposes a substantial burden on the corporation’s ability to “conduct … Continue Reading

Florida Gives Breach Notification Statute More Teeth

By Cory J. Fox on Posted in Uncategorized
Editor’s note:  This post originally appeared on BakerHostetler’s Data Privacy Monitor blog. On June 20, 2014, Florida Governor Rick Scott signed the Florida Information Protection Act of 2014 (FIPA), which will repeal Florida’s current breach notification statute at Fla. Stat. § 817.5681 and replace it with a new statute at Fla. Stat. § 501.171 effective … Continue Reading

HHS OCR Settles Post-Data Breach Investigation for Record $4.8M

By Kimberly M. Wong on Posted in Uncategorized
Editor’s Note:  This post originally appeared on BakerHostetler’s Data Privacy Monitor blog. On May 7, 2014, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million—the highest data breach settlement amount to … Continue Reading

FTC Settles Case With Medical Transcription Company

By Anne Foster on Posted in Uncategorized
The Federal Trade Commission (FTC) recently announced that it had settled its data privacy case against medical transcription firm GMR Transcription Services, Inc. (GMR) following allegations that GMR had failed to adequately protect the personal information of its consumers.  The consent order signed by the parties is a particularly notable milestone in that it marks … Continue Reading

Some Things Better Left Unshared: Social Media and Medical Identity Theft

Photo of Lynn SessionsBy Lynn Sessions and Anne Foster on Posted in Uncategorized
The Washington Post recently published an article reminding individuals not to tweet or otherwise share information concerning their medical conditions on social media, warning that disclosing such information publicly “is akin to posting your address along with the dates you’ll be away on vacation.” Quoting Jennifer Trussell, who investigates medical identity theft on behalf of … Continue Reading

Tell Me About Your Family. On Second Thought, Don’t Tell Me

Photo of Robert M. WolinBy Robert M. Wolin on Posted in Uncategorized
Founders Pavilion, Inc., a skilled nursing facility, sent prospective employees for preemployment physicals. As part of the physicals, an independent physician requested the prospective employee’s family medical history as part of the physician’s post-offer, preemployment medical exams protocol. However, the Genetic Information Nondiscrimination Act (GINA) prohibits employers from requesting genetic information or making employment decisions … Continue Reading
LexBlog