In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year. The Report examines OCR’s findings from
Privacy, Data and Cybersecurity
OCR Releases Report Summarizing HIPAA Privacy and Security Compliance Failures
In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year. The Report examines OCR’s findings from…
Phishing Attack Messaging Targets COVID-19 Vaccine
In April of this year, which seems far longer than eight months ago, we posted about an alert from federal agencies warning that cyber threat actors were exploiting the coronavirus pandemic to fuel phishing and other attacks. Those efforts have continued throughout the year with attackers now retooling their messaging around the COVID-19 vaccine. Criminal…
Federal Agencies Issue Joint Alert on Imminent Cybercrime Threat to Healthcare Providers
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have issued a joint cybersecurity advisory stating they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.
The advisory describes the tactics, techniques, and procedures…
COVID-19 Screening Program Can Lead to Litigation Concerning Biometric Information, BIPA
As organizations aim to return to some type of normalcy, and help ensure a healthy and safe workplace, many have implemented COVID-19 screening programs that check for symptoms, and an employee’s recent travel and potential contact with the virus. Moreover, many states and localities across the nation are mandating or recommending the implementation of COVID-19…
New York and New Jersey Release COVID-19 Exposure Apps
New York and New Jersey release “COVID Alert NY” and “COVID Alert NJ,” apps designed to alert their users when they have been exposed to someone who tested positive for COVID-19. These apps follow those released in Pennsylvania and Delaware and are soon to be joined by Connecticut. The states hope to enhance their contact…
City of Portland Bans Private Entities From Using Facial Recognition Technologies
The City of Portland, Oregon becomes the first city in the United States to ban the use of facial recognition technologies in the private sector citing, among other things, a lack of standards for the technology and wide ranges in accuracy and error rates that differ by race and gender. Failure to comply can be…
Will the Public Health Emergency Privacy Act Make it into the Next Stimulus Package?
Despite several attempts, Congress has struggled to push forward a federal consumer privacy law over the past few years. But the COVID-19 pandemic, which has raised concerns regarding location monitoring, GPS tracking and use of health data, has heightened the urgency for federal consumer privacy legislation. In May, a group of Democrats from the U.S.…
New Ransomware Tactics and Strains Emerge, Including Public Auctions of Stolen Data
As many have learned over the last several years, ransomware is a type of malware that denies affected users access to critical data by encrypting it. Attackers profit handsomely by requiring victims to pay substantial sums, typically tendered in a cryptocurrency such as Bitcoin. A look at some of the numbers over the past two…
EEOC Issues Guidance on Antibody Testing in the Workplace
In late-March and April 2020, the Equal Employment Opportunity Commission (EEOC) released guidance addressing various questions with answers concerning COVID-19 and related workplace disability-related issues under the Americans with Disabilities Act (ADA). Recently, on June 17th, EEOC updated its guidance to include a new question regarding antibody testing.
Most of the questions concern…