By Divonne Smoyer and Brad Rostolsky on Posted in Privacy & HIPAA
Businesses working with U.S. customer or employee data are very familiar with the roles the Federal Trade Commission (FTC), U.S. Department of Health and Human Services, and other federal agencies play in privacy regulation and enforcement. But, increasingly, if your company ends up facing a health – or other data – incident, you may find … Continue Reading
Last week, President Obama signed into law a bill that will eradicate Social Security Numbers (SSNs) from all Medicare beneficiary cards over the next eight years. Medicare has four years to begin issuing cards with new identifiers, and four years after that to reissue cards to current beneficiaries. The removal of SSNs from the cards is not only expected to decrease the risks associated with identity theft for Medicare beneficiaries, but also Medicare's risk of exposure associated with breaches of protected health and personal information under HIPAA and state privacy laws.… Continue Reading
State attorneys general across the United States have taken recent action towards addressing data privacy and security issues. In Connecticut, the attorney general announced the establishment of a Privacy and Data Security Department to handle investigations and litigation relating to data privacy and security. This month's National Association of Attorneys General (NAAG) Southern Region Meeting featured presentations on big data, cybersecurity, cloud computing and data breaches, and next month's NAAG presidential initiative summit will address topics such as intellectual property theft, cloud computing and digital currency. Finally, Washington's attorney general has proposed several amendments to expand the scope of that state's data breach notification requirements.… Continue Reading
In a time of economic crisis, when hospitals, like most other businesses, are struggling to operate within a constrained budget, Memorial Hermann Healthcare System ("Memorial Hermann") agreed Jan. 26, 2009 to pay $700,000 to settle claims of the Texas Attorney General alleging that Memorial Hermann orchestrated an agreement among health plans not to do business with a new competitor, Town and County Hospital ("Town and Country"). According to the complaint, Memorial Hermann, which owns and operates acute care hospitals furnishing inpatient care, is the largest hospital system in the Houston area. Town and County, a physician-owned hospital, opened in November 2005. Before opening, Town and County approached insurers to enter into contracts to be included in those insurers' hospital networks. Memorial Hermann allegedly took steps to discourage insurers from entering into contracts with Town and Country, including sending notification of an intent to terminate its contract with one insurer as to all Memorial Hermann facilities, and subsequently renegotiating a contract with the insurer for substantially higher rates.… Continue Reading