We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

Search results

Order by: most recent most popular relevance



Results: 1-10 of 97

FTC issues revised business guide on ‘red flags’ identity theft rule
  • Foley Hoag LLP
  • USA
  • June 13 2013

The Federal Trade Commission has issued revised guidance designed to help businesses comply with the requirements of the Red Flags Rule, which


The wait is over! HHS finally issues revised HIPAA privacy and security regulations
  • Foley Hoag LLP
  • USA
  • January 18 2013

Nearly four years after the passage of the HITECH Act and its amendments to HIPAA, and nearly three years after it proposed regulatory amendments


“A million here, a million there” wellpoint settles HIPAA breach and security claims with HHS OCR for $1.7 million
  • Foley Hoag LLP
  • USA
  • July 12 2013

Managed care company WellPoint Inc. has agreed to pay the U.S. Department of Health and Human Services $1.7 million to settle potential HIPAA Privacy


Revised COPPA rules go into effect July 1, 2013
  • Foley Hoag LLP
  • USA
  • July 1 2013

In order to "keep up with technology," the FTC revised the Children's Online Privacy Protection Rule (COPPA) in 2012. As a result of those revisions


FTC to host public roundtables in December to address evolving consumer privacy issues
  • Foley Hoag LLP
  • USA
  • September 17 2009

The Federal Trade Commission will host a series of public "roundtable discussions" to explore the privacy challenges posed by "technology and business practices that collect and use consumer data," including social networking, cloud computing, online behavioral advertising, mobile marketing, and the collection and use of information by retailers, data brokers, third-party applications, and other diverse businesses


Massachusetts regulators propose amendments to information security regulations, delay enforcement until March 1, 2010
  • Foley Hoag LLP
  • USA
  • August 18 2009

On Monday, August 17, 2009, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) indicated that it will be modifying some provisions of the strict Massachusetts information security regulations first promulgated last year, 201 CMR 17


Connecticut AG opens new era in HIPAA enforcement with Health Net suit
  • Foley Hoag LLP
  • USA
  • January 13 2010

In the first instance of a state attorney general exercising the new powers granted by the Health Information Technology for Economic and Clinical Health Act ("HITECH Act"), Connecticut Attorney General Richard Blumenthal (and recently announced candidate for the U.S. Senate) filed suit today against Health Net of Connecticut, Inc. for failing to secure private patient medical records and financial information involving 446,000 enrollees in Connecticut and for failing to notify consumers of the security breach promptly


Doctors and other health care professionals challenge application of FTC Red Flags Rule
  • Foley Hoag LLP
  • USA
  • January 29 2010

The FTC Red Flags Rule faces another likely challenge, based on a January 27, 2010 letter sent to the FTC by the American Medical Association, the American Osteopathic Association, the American Dental Association, and the American Veterinary Medical Association


Is the rejection of security advice by users really rational? A response to Cormac Herley
  • Foley Hoag LLP
  • USA
  • April 10 2010

In the April 11, 2010, Boston Globe, there is an extended discussion of an article by Cormac Herley of Microsoft entitled, "So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users."


One million impacted by Blue Cross Blue Shield of Tennessee data breach: how do you remediate on that scale?
  • Foley Hoag LLP
  • USA
  • April 13 2010

Blue Cross Blue Shield of Tennessee announced last week that nearly 1 million of its members have been affected by the theft of hard drives containing unencrypted personal data