Archives: Privacy

Subscribe to Privacy RSS Feed

FDA Names First Acting Director of Medical Device Cybersecurity

The U.S. Food and Drug Administration (FDA) named University of Michigan Associate Professor Kevin Fu Acting Director of Medical Device Security in its Center for Devices and Radiological Health. This is a newly created 12-month post in which Fu will “work to bridge the gap between medicine and computer science and help manufacturers protect medical … Continue Reading

HIPAA Privacy Rule Waiver, Other Medical Information Questions During the COVID-19 Pandemic

As the coronavirus spreads across the globe and in the United States, providers, businesses, employers, and others are struggling to understand what medical information they can collect and what information they can share. These are difficult questions the answers to which involve considering factors such as long-standing compliance requirements (e.g., HIPAA, ADA, GINA, state law), … Continue Reading

New York City Ban on Pre-Employment Drug Testing Won’t Apply to (most) Healthcare Workers

On May 10, 2019, a bill amending New York City’s administrative code related to prospective employee drug-testing officially became law for New York City employers. While the law does not go into effect until May 10, 2020, it is the first of its kind in the nation. The law prohibits employers from requiring applicants to … Continue Reading

“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 for Data Breach Caused By Vendor

New Jersey’s Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) recently announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices agreed to pay $417,816 and improve data security practices to settle allegations it failed to properly protect the privacy of more than 1,650 patients … Continue Reading

Cybercriminals Often Target Healthcare Providers with Ransomware Attacks

The U.S. Department of Health and Human Services had issued guidance on ransomware attack prevention and recovery from a healthcare sector perspective in July 2016. The importance of these measures was highlighted by the recent worldwide ransomware, “WannaCry,” attack that caused major disruption to the United Kingdom’s National Health Service and cancellation of operations. Learn … Continue Reading

Hospital Worker Fails To Show That Termination For HIPAA Violation Was Discriminatory

A hospital lawfully terminated an employee for improperly accessing a co-worker’s lab results and refusing to admit to doing so, a federal district court in Mississippi has found in Cosby v. Vicksburg Healthcare, LLC D/B/A River Region Medical Center, et al., No. 5:11cv159-KS-MTP (S.D. Miss. May 16, 2013), rejecting the former employee’s claim of discrimination.   … Continue Reading

Facebook Photos Reveal Employee Dishonesty, Termination of RN on FMLA Leave by Medical Center Proper

An RN on FMLA leave lawfully was discharged from her position at Detroit Medical Center when her employer discovered she had misrepresented her alleged medical condition in her FMLA leave request, a federal district court has determined. Lineberry v. Detroit Medical Center, et al., Case No. 11-13752 (E.D. Mich., S.D. Feb. 5, 2013). Although the … Continue Reading

Office of the National Coordinator for Health Information Seeking Comments on Mobile Communication Devices

The Office of the National Coordinator for Health Information (ONC) is seeking input from the public on the role of mobile communication devices (smart phones, tablets, net books, etc.) in the exchange of personal health information within the healthcare industry, i.e. the use of such devices by physicians, hospitals and managed care providers and the … Continue Reading

HIPAA Audits to Begin Early 2012

The Office of Civil Rights (OCR) recently launched a HIPAA compliance audit program with 150 on-site audits scheduled to begin in February 2012.  Covered entities and business associates need to be prepared and take stock of their HIPAA compliance.  For more information see the following link to Jackson Lewis’ privacy blog:… Continue Reading


The NLRB has upheld a hospital’s ban on the use of cameras for photographing patients, equipment, property or facilities.  It said the ban did not violate the right of employees to engage in union or protected concerted activity. The NLRB in the 2-1 decision reasoned that the ban did not expressly restrict union or other … Continue Reading

In-House Physician’s Disclosure of Employee Medical Information to Management Violates ADA, Court Rules

On-site health clinics, occupational health clinics, and in-house physicians can be attractive options for businesses that take a comprehensive approach to disability and leave management. However, as one federal district court makes clear, employers need to be mindful of the workplace law risks. This case involves one of those risks – the ADA and its … Continue Reading

OIG Calls for More HIPAA Audits

This is an important development for health care employers, as well as those companies tied to the health care industry. A government report issued this week says HIPAA enforcement is not sufficient to protect electronic protected health information and recommends more audits. The result may be more “compliance reviews,” audits, for covered entities and business … Continue Reading

Two Bills Introduced In Nebraska to Limit Use of Credit Checks

Like other employers trying to make careful hiring decisions,  health care employers often make pre-hire inquires regarding applicant credit histories and base  hiring decisions, in part, on credit reports obtained.  In a growing trend, many states have proposed legislation prohibiting or substantially limiting the practice.  Nebraska recently introduced two bills to limit the use of … Continue Reading

Eavesdropping And Mitigating Risk

In McCann v. Iroquois Mem. Hosp., No. 08-3420 (7th Cir. September 12, 2010), the Seventh Circuit Court of Appeals addressed Plaintiffs’ allegations that the Hospital, its Board and CEO violated the Federal Wiretap Act, 18 U.S.C. § 2511, 2520, and various state laws.  According to the Hospital, a doctor inadvertently left his dictation machine running … Continue Reading