The U.S. Department of Agriculture (USDA) has tried to justify collecting personal data of millions of Supplemental Nutrition Assistance Program (SNAP) recipients, but its efforts have fallen short, the Electronic Privacy Information Center (EPIC) said in comments submitted Wednesday to the department.
The Department of Health & Human Services “betrayed the trust of almost 80 million people” by agreeing to share healthcare data from Medicaid participants with Immigration and Customs Enforcement, the Center for Democracy & Technology said in a statement Thursday.
Organizations should be aware of how broadly DOJ defines “personal health data” in its data transfer rule, attorneys at Bodman said in a Thursday post.
A mental health provider will pay $225,000 over claims it violated health privacy law by publicly sharing users’ sensitive information online, the Health and Human Services Office of Civil Rights announced Monday.
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced an $800,000 settlement with BayCare Health System for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The Wednesday settlement ends an OCR investigation into whether unauthorized access to an individual's electronic protected health information (ePHI) occurred at the Florida provider.
Three organizations called on contractors involved in the Supplemental Nutritional Assistance Program (SNAP) to reject a request from the Department of Agriculture (USDA) for access to personally identifiable information (PII) of SNAP recipients. A Monday letter from Protect Democracy, the Center for Democracy and Technology and the Electronic Privacy Information Center (EPIC) said the USDA's demand for data ignores the Federal Privacy Act, the Paperwork Reduction Act and several USDA regulations. EPIC released the letter Wednesday.
Tech companies are able to degrade product privacy protections without repercussions when "excessive regulation" insulates them from competition, the FTC said in a joint letter with DOJ on Monday.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $600,000 settlement with California health care network PIH Health, Inc. (PIH) Wednesday over a phishing attack that allegedly exposed electronic protected health information (ePHI) of almost 200,000 individuals.
Medical device companies with ties to China should prioritize compliance with DOJ’s new Data Security Program, attorneys at Hogan Lovells said Tuesday (see 2504140047).
DOJ’s data transfer rule might require a “deeper analysis on vendors and third parties” than expected, attorneys at Baker McKenzie said Monday in an opinion piece for the IAPP.