Posts in Data Breach & Notification.
Vendors of personal health records will face new rules for data breach notifications, as clarified by the Federal Trade Commission's Final Rule. The amendments address the increased use of health-related technology and emphasize the importance of notifying individuals and the FTC in case of a breach. The rule expands on definitions, breach ...
The deadline for notifying the Office of Civil Rights (OCR) of healthcare data breaches affecting fewer than 500 individuals is early this year. Reports of small data breaches may be submitted to OCR annually, usually on March 1st, but because 2024 is a leap year, the reports are due on or before Thursday, February 29th ...
On November 28, 2022, HHS released Proposed Rule to amend Part 2 regulation on confidentiality of substance use disorder (SUD) patient records in federally assisted Part 2 Programs. The Proposed Rule would align Part 2 with HIPAA's requirements for consent, disclosure, de-identification, unsecured PHI, data breach notification, and other ...
CISA issues statement on critical vulnerability in products that contain log4j software library. Bad actors are exploiting the vulnerability to steal information, launch ransomware, or conduct other malicious activity. Ten major tech vendors issue statements that one or more of their products are affected by the log4j vulnerability ...
KRONOS payroll support services notifies customers of ransonware attack. A ransomware attack that compromises employee personal information could trigger data breach notification for employers under state breach notification laws.