We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.


Refine your search

Content type



15 results found


Jackson Lewis PC | USA | 1 Jun 2018

Colorado Strengthens its Consumer Data Protection Law

Back in January, Colorado lawmakers on both sides of the aisle introduced a groundbreaking new bill requiring “reasonable security procedures and


Jackson Lewis PC | USA | 8 Apr 2018

“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 for Data Breach Caused By Vendor

Last week, New Jersey Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) announced that a physician group


Jackson Lewis PC | USA | 3 Mar 2016

ERISA Preempts Vermont Health Plan Reporting Law, Supreme Court Holds (Self-Funded Plans Take Note)

Many employers would agree that reporting is a core function of employee benefit plan administration. On top of the numerous reporting requirements


Jackson Lewis PC | USA | 2 Mar 2016

Vermont’s Health Plan Reporting Law Impermissibly Impacts National Plan Administration and Falls to ERISA Preemption, Supreme Court Holds

If you were to ask most employers whether reporting is a core function of employee benefit plan administration, they would likely say yes


Jackson Lewis PC | USA | 8 Sep 2015

Cancer care group to pay $750,000 to settle HIPAA breach, as KPMG finds 81 percent of hospitals and health insurance companies had a breach in the past two years

On September 2, the Office for Civil Rights (OCR) reported that it agreed to settle potential violations of the HIPAA privacy and security regulations


Jackson Lewis PC | USA | 24 Jul 2015

Connecticut state contractors, health insurance industry businesses subject to enhanced significant data security mandates

In June, Connecticut's governor signed into law Senate Bill 949 which amended the State's breach notification statute. The requirement that covered


Jackson Lewis PC | USA | 23 Jul 2015

Connecticut adds significant data security mandates for state contractors, certain health insurance industry businesses

Connecticut has amended its breach notification statute to require that covered businesses provide one year of identity theft protection services to


Jackson Lewis PC | USA | 23 Apr 2014

Stolen laptops HIPAA settlements totaling nearly two million dollars

Unencrypted laptop computers and other mobile devices pose significant risks to the security of patient information, reminds the U.S. Department of


Jackson Lewis PC | USA, Puerto Rico | 20 Feb 2014

Puerto Rico gets serious about HIPAA $6.8 million in penalties connected to data breach

Ricardo Rivera Cardona of the Puerto Rico Health Insurance Administration, intending to send a message by imposing the largest penalty to date ($6.8


Jackson Lewis PC | USA | 6 Aug 2013

Massachusetts repeals portions of state health care reform law

Massachusetts has repealed both the Fair Share Contribution (FSC) provisions and the employee Health Insurance Responsibility Disclosure (HIRD) form

Previous page 1 2