A recent post on this blog by our partner Elizabeth Litten was quoted in the Dissenting Statement (the “Dissent”) of FTC Commissioner Maureen K. Ohlhausen in the Matter of Nomi
Continue Reading FTC on Privacy: Beware of Offering Choices to Consumers beyond the Legal Minimum Requirements
FTC
Hackers: Take My Health Information, But Please Don’t Take My Health
We know by now that protected health information (PHI) and other personal information is vulnerable to hackers. Last week, the Washington Times reported that the Department of Health and Human…
Continue Reading Hackers: Take My Health Information, But Please Don’t Take My Health
When Privacy Policies Should NOT Be Published – Two Easy Lessons From the FTC’s Nomi Technologies Case
This case has nothing to do with HIPAA, but should be a warning to zealous covered entities and other types of business entities trying to give patients or consumers more…
Continue Reading When Privacy Policies Should NOT Be Published – Two Easy Lessons From the FTC’s Nomi Technologies Case
Connecticut Supreme Court Decision Depicts Rubik’s Cube of Federal and State Privacy and Security Compliance
As if compliance with the various federal privacy and data security standards weren’t complicated enough, we may see state courts begin to import these standards into determinations of privacy actions…
Continue Reading Connecticut Supreme Court Decision Depicts Rubik’s Cube of Federal and State Privacy and Security Compliance
Cyber-Sleuth or Cyber-Thief? LabMD Case Continues to Expose the Good, the Bad, and the Downright Ugly in Cyber-Security Developments
LabMD, Inc. CEO Michael J. Daugherty continues to doggedly defend LabMD against an action brought by the Federal Trade Commission (FTC) against LabMD based on Section 5 of the FTC…
Continue Reading Cyber-Sleuth or Cyber-Thief? LabMD Case Continues to Expose the Good, the Bad, and the Downright Ugly in Cyber-Security Developments
Risky (Health Care) Business: Disclosure of FTC Data Security Enforcement Potential to Investors and Other Third Parties
Readers of this blog know that we have been tracking the FTC’s recent data security enforcement activities with a particular focus on the FTC v. LabMD case. As reported by…
Continue Reading Risky (Health Care) Business: Disclosure of FTC Data Security Enforcement Potential to Investors and Other Third Parties
Will Unearthing the FTC’s Data Security Standards Help the Health Care Industry?
As a regulatory lawyer, I frequently find myself parsing words and phrases crafted by legislators and agencies that, all too often, are frustratingly vague or contradictory when applied to a…
Continue Reading Will Unearthing the FTC’s Data Security Standards Help the Health Care Industry?
Wild West Data Breach Sheriff Wins a Round Back East
LabMD is not the only company that has tried to buck the FTC’s assertion of authority over data security breaches. Wyndham Worldwide Corp. has spent the past year contesting the…
Continue Reading Wild West Data Breach Sheriff Wins a Round Back East
The Wild West of Data Breach Enforcement by the Feds
Imagine you have completed your HIPAA risk assessment and implemented a robust privacy and security plan designed to meet each criteria of the Omnibus Rule. You think that, should you…
Continue Reading The Wild West of Data Breach Enforcement by the Feds
An Update: Physicians and Lawyers Successfully Trump (At Least for Now) Compliance with the Red Flags Rule
On May 28, 2010, William H. Maruca, editor of this blog, reported in a post entitled Red Flag Reprieve – Déjà vu All Over Again that, under pressure from Congress, …