October 2018 marks the 15th annual National Cyber Security Awareness Month. In honor of this occasion, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool to help covered entities and business associates comply
Privacy
“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 for Data Breach Caused By Vendor
New Jersey’s Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) recently announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices agreed to pay $417,816 and improve data security practices to settle allegations it failed to properly protect the privacy of more than…
Health Apps: Convenience vs. Security Risks
The pace of innovation in healthcare today has produced an amazing increase in the number of available mobile apps for health-related information. More than 300,000 healthcare apps are available online. Our colleagues in the Workplace Privacy, Data Management & Security practice group discusses whether healthcare providers can tap into the available technology of “connectivity” and…
Cybercriminals Often Target Healthcare Providers with Ransomware Attacks
The U.S. Department of Health and Human Services had issued guidance on ransomware attack prevention and recovery from a healthcare sector perspective in July 2016. The importance of these measures was highlighted by the recent worldwide ransomware, “WannaCry,” attack that caused major disruption to the United Kingdom’s National Health Service and cancellation of operations. Learn…
Enterovirus D-68 and Ebola Cases Raise Privacy Concerns for Healthcare Providers and their Workers
The following posting from our colleagues on the Jackson Lewis P.C. website, as part of the Workplace Privacy, Data Management & Security Report, regarding privacy concerns related to Enterovirus and Ebola may be of particular interest to healthcare employers. Click here to be transferred directly to the link.
Data Breach Notification Deadline Extended 10 Days for Certain Healthcare Providers in California
The following posting from our colleagues on the Jackson Lewis P.C. website, as part of the Workplace Privacy, Data Management & Security Report, regarding data breach notification requirements for healthcare providers in California may be of particular interest. Click here to be transferred directly to the link.
Plan To Minimize Spread Of Flu And Legal Risks In The Workplace During Flu Season
Click here for the full article that appeared on Jackson Lewis’ website this week.
Hospital Worker Fails To Show That Termination For HIPAA Violation Was Discriminatory
A hospital lawfully terminated an employee for improperly accessing a co-worker’s lab results and refusing to admit to doing so, a federal district court in Mississippi has found in Cosby v. Vicksburg Healthcare, LLC D/B/A River Region Medical Center, et al., No. 5:11cv159-KS-MTP (S.D. Miss. May 16, 2013), rejecting the former employee’s claim of…
New York’s Highest Court To Say Whether Medical Practice Can Be Sued For Wrongful Texts By Non-Physician Employee
The following note from our colleagues at the Jackson Lewis LLP Workplace Privacy, Data Management & Security Report may be of particular interest to healthcare employers. Click here to be transferred directly to the link.
Monitoring and Accessing Social Networking Content–New Jersey District Court Weighs In Again
For an interesting reminder about the potential pitfalls of investigating employees through social media, please click here to go to the Jackson Lewis Workplace Pirvacy Blog to read about Ehling v. Monmouth-Ocean Hospital Service Corp.