Vermont lawmakers recently passed a first-of-its-kind data broker law, which protects consumers from credit freeze fees, data fraud and clarifies data security requirements.
Continue reading “Vermont First State to Pass Data Broker Law”
Information Governance Can Still Help Your Organization with GDPR Compliance
The highly-anticipated enforcement date of May 25th has come and gone, but the opportunity to use information governance (IG) to bolster your organization’s compliance with the EU General Data Protection Regulation (GDPR) still exists.
Continue reading “Information Governance Can Still Help Your Organization with GDPR Compliance”
Massive Data Breach Exposes 500,000 Patients’ Medical Records
LifeBridge Health in Maryland is the most recent health system to have its patient records impermissibly accessed through a malware cyberattack. Indication of an attack was first detected in March 2018, upon which the hospital hired a national forensic firm to investigate the attack and determined that an unauthorized person had accessed LifeBridge’s server in September 2016.
Continue reading “Massive Data Breach Exposes 500,000 Patients’ Medical Records”
FTC Warns Two Foreign-Based App Developers of Possible COPPA Violations
The FTC staff recently sent two warning letters to Gator Group Co., Ltd., and Tinitell, Inc., which marketed mobile apps directed to children and appear to be violating the Children’s Online Privacy Protection Act (COPPA). The FTC warning letters were also sent to the Apple App Store and Google Play Store, which make the apps available to consumers.
Continue reading “FTC Warns Two Foreign-Based App Developers of Possible COPPA Violations”
CMS Proposed Rule, Rebranding of Medicare and Medicaid Electronic Health Records Incentives Program Shifts Focus to Interoperability and Patient Access
The Centers for Medicare and Medicaid Services (CMS) recently released its Proposed Rule that, in major part, rebrands the previously known Medicare and Medicaid Electronic Health Records (EHR) Incentives Program into the Promoting Interoperability Program. The rebrand shifts the focus of the program to ensure that providers facilitate patient access to their own health data, and limit the burden on health care providers when it comes to monitoring clinical care using health technology.
Mobile Phone Maker BLU Products Settles with FTC Resolving Allegations of Lax Data Security Practices
Mobile phones are ubiquitous extensions of our personal and professional lives and few think deeply about the tangled webs of software and hardware providers that formulate components to mobile phone fabricators. However, the Federal Trade Commission’s recent settlement with BLU Products represents an important reminder of the importance of appropriate vendor oversight in all phases of the manufacturing and sales process.