Welcome to Health Care POV | sign in | join

BROWSE BY TAGS

All Tags » Security/Privacy   (RSS)
Privacy for Health Information Executives

Lowering the Red Flags
November 3, 2009 1:41 PM by Andrew Serwin
The Red Flags Rule hit two more hurdles recently. On Oct. 29, 2009, the U.S. District Court for the District of Columbia granted summary judgment to the American Bar Association (ABA) to set aside an extended enforcement policy of the controversial Red Read More...
0 comments »     
Privacy and Social Networking
October 13, 2009 10:39 AM by Andrew Serwin
In Beye v. Horizon Blue Cross Blue Shield of New Jersey , a court addressed an issue that will likely recur -- the impact on a person's privacy of their voluntary disclosure of sensitive information on a social networking site. In this case the court Read More...
0 comments »     
Two-party Consent Laws
October 6, 2009 4:59 PM by Andrew Serwin
A group recently secretly videotaped interactions with employees of the poverty-rights organization ACORN, and those tapes have been played widely in the media. The ACORN situation illustrates the issue that two-party consent laws can create, irrespective Read More...
0 comments »     
Credit Card Receipt Laws Present Challenges
September 22, 2009 3:49 PM by Andrew Serwin
A number of laws restrict the dissemination of credit card numbers on receipts. California's law has provisions that became effective this year that differ from other laws. California prohibits any person, firm, partnership, association, corporation or Read More...
0 comments »     
New Class-action Case Offers New Theories
September 8, 2009 11:31 AM by Andrew Serwin
Hannaford Bros. Co., a grocer, faced a number of class-action lawsuits from its customers as a result of a third party stealing electronic payment data from credit cards and debit cards used by its customers to purchase groceries. The alleged data breach Read More...
0 comments »     
New Data-security Laws
August 12, 2009 11:10 AM by Andrew Serwin
Every company and organization must grapple with data security. In the health field, HIPAA has specific data-security requirements, but general data-security restrictions can also be implicated. Over 30 states have data-security or data-destruction laws. Read More...
1 comments »     
Red Flags: Keep Holding Your Breath
August 7, 2009 3:17 PM by Andrew Serwin
The Federal Trade Commission recently announced that it has once again extended the compliance deadline for Red Flags, in part based upon efforts by the American Bar Association and the American Medical Association to clarify the definition of "creditor" Read More...
1 comments »     
Genetic Testing, Part 2
July 15, 2009 11:25 AM by Andrew Serwin
This is the second post in a series on genetic testing laws. Click here to access the first blog post. Like California, New York has a number of restrictions on the use of genetic testing, including under its Civil Rights law. Unless it can be clearly Read More...
0 comments »     
FTC Brings Case in Conjunction with Office of Civil Rights
June 18, 2009 12:44 PM by Andrew Serwin
The FTC has clearly indicated its focus on preventing medical identity theft and a case involving CVS shows that focus. Brought earlier this year, CVS was alleged to have failed to implement reasonable and appropriate security to protect the information Read More...
0 comments »     
Restrictions on Genetic Testing in California
May 19, 2009 6:37 PM by Andrew Serwin
A number of states have enacted restrictions on genetic testing that go beyond the federal genetic privacy law, GINA. California has restricted the disclosure of test results for genetic characteristics in a limited way, as the law only applies to requests Read More...
1 comments »     
The Issue of Standing in Privacy Litigation
April 8, 2009 12:14 PM by Andrew Serwin
Standing is an issue that is frequently raised in privacy litigation. Standing is a constitutional issue under Article III of the United States Constitution, and the party invoking federal jurisdiction bears the burden of establishing the following three Read More...
0 comments »     
E-mail Case Ruling Allows Punitive Damages and Attorneys’ Fees
March 24, 2009 9:42 PM by Andrew Serwin
Most privacy litigation faces serious challenge due to the lack of actual damages. (A full discussion of that issue can be found in Section 26:18 of my book.) However, claims that involve statutory penalties, such as the Electronic Communications Privacy Read More...
0 comments »     
Health Care Providers not Exempt from 'Creditor' Rules
February 3, 2009 1:22 PM by Andrew Serwin
Under the Red Flag rules, a "creditor" is "any person or business who arranges for the extension, renewal or continuation of credit" with a "covered account." An "account" means a continuing relationship with a creditor to obtain a product or service Read More...
0 comments »     
Implementing Interoperability
December 17, 2008 11:26 AM by Andrew Serwin
Health care record interoperability is one of the least recognized health and privacy issues at this time. While this issue had not received significant support before Hurricane Katrina, that disaster made government realize the value of easily accessible Read More...
0 comments »     
Protecting Your Company in Light of the Recent MySpace Verdict
December 1, 2008 5:33 PM by Andrew Serwin
The Computer Fraud and Abuse Act (CFAA) is a federal law directed toward stopping hacking and other related computer misconduct. However, in recent years it has taken on an increasing role in policing Internet conduct generally, serving as a frequent Read More...
0 comments »     
next page »