Laws & Regulations Archives

Archive for the ‘Laws & Regulations’ Category

HIPAA & Calling Out Full Names In Waiting Rooms

Monday, March 2nd, 2009

Over the years I have done several interviews for articles about HIPAA compliance. I recently did an interview for an HCPro article, “Physician offices: Tackle a different set of privacy training challenges.” (Sorry, this is not publicly posted to my knowledge.)
Well, today I received a message about this article from a clearly agitated reader, whose name (of course) I am not including in the following message…

(more…)

Tags:awareness and training, HIPAA, Information Security, IT compliance, IT training, patient privacy, PHI, policies and procedures, privacy training, protected health information, risk management, security training
Posted in Laws & Regulations, Privacy and Compliance | 7 Comments »

Judgment For Disclosing PII To Business Partners: Explicit Opt-In Is Required

Friday, February 27th, 2009

I just ran across the judgment for an interesting case involving privacy and opt-in consent for disclosing personally identifiable information (PII)…

(more…)

Tags:awareness and training, Information Security, IT compliance, IT training, policies and procedures, privacy training, risk management, security training, third party security
Posted in Laws & Regulations, Privacy and Compliance | No Comments »

Judgment For Disclosing PII To Business Partners: Explicit Opt-In Is Required

Friday, February 27th, 2009

I just ran across the judgment for an interesting case involving privacy and opt-in consent for disclosing personally identifiable information (PII)…

(more…)

Tags:awareness and training, FCC, Information Security, IT compliance, IT training, Opt-in, policies and procedures, privacy training, risk management, security training, third party security
Posted in Laws & Regulations, Privacy and Compliance | No Comments »

Report on Healthcare Provider HIPAA Progress

Monday, February 23rd, 2009

Here’s an interesting report from URAC about healthcare providers and HIPAA compliance progress…

(more…)

Tags:awareness and training, HIPAA, Information Security, IT compliance, IT training, patient privacy, policies and procedures, privacy training, risk management, security training, URAC
Posted in Laws & Regulations, Privacy and Compliance | No Comments »

Surveillance: New Employee Privacy Law in Portugal

Sunday, February 22nd, 2009

On Februry 17, 2009, a new workplace privacy law took effect in Portugal…

(more…)

Tags:awareness and training, Information Security, IT compliance, IT training, policies and procedures, Portugal privacy law, privacy training, risk management, security training
Posted in Laws & Regulations, Privacy and Compliance | No Comments »

2ND HIPAA Sanction: CVS Must Pay $2.25 Million And Improve Info Sec Practices For Improper Disposal

Thursday, February 19th, 2009

The 2nd ever to date HIPAA sanction has been handed down by the Department of Health and Human Services (HHS)…

(more…)

Tags:awareness and training, CVS, HIPAA, HIPAA sanction, Information Security, IT compliance, IT training, policies and procedures, privacy rule, privacy training, risk management, security rule, security training
Posted in Information Security, Laws & Regulations, Non-compliance Sanctions Examples, Privacy and Compliance | No Comments »

New Online Behavioral Advertising Principles: Self Regulation Does Not Mean Less Scrutiny By The FTC!

Monday, February 16th, 2009

On February 12 the U.S. Federal Trade Commission (FTC), the most actively aggressive oversight agency in the U.S. with regard to enforcing privacy protections, released new behavioral advertising principles…

(more…)

Tags:awareness and training, behaviorial advertising, compliance, FTC, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy principles, privacy training, risk management, security training
Posted in government, Laws & Regulations, Privacy and Compliance | No Comments »