We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

Search results

Order by: most recent most popular relevance



Results:1-4 of 4

The incredible shrinking notice period: Connecticut's strict reporting stance on data breaches and security incidents
  • Baker & Hostetler LLP
  • USA
  • October 14 2010

Perhaps prompted by revelations that one or more Connecticut-based insurers failed to notify individuals or report known data security incidents or breaches until weeks, or even months, after the data had been lost or stolen, the state's Insurance Commissioner has issued stringent new reporting obligations applicable to all entities regulated by the Connecticut Department of Insurance (CDI), including, for example, insurers, agents, brokers, adjusters, health maintenance organizations, preferred provider networks, discount health plans and certain consultants and utilization review companies.


State privacy laws: delay in issuing breach notifications prompts investigation by Connecticut Attorney General
  • Baker & Hostetler LLP
  • USA
  • November 12 2009

Creating a situation with national publicity implications, in late August 2009, a laptop containing thousands of records of unencrypted personal information (name, address, SSN or TIN, NPI) pertaining to over 18,000 physicians and other providers contracted with Anthem Blue Cross and Blue Shield of Connecticut (BCBS) and an affiliate, was stolen from a BCBS employee’s automobile in Chicago.


John S. Mulhollan
  • Baker & Hostetler LLP