Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an organization’s highest priorities. Our security and privacy team at Epstein Becker & Green has written extensively about the guidance and best practices issued by federal and state regulatory and enforcement agencies. Execution, monitoring and continually updating these preventive practices define an organization’s first line of defense. But what happens in the event that an organization actually suffers a breach? Is there guidance that might be available, particularly to healthcare organizations, to deal with continuity and disaster planning (BC/DR) directed towards assuring resilience and recovery in the event of a potentially-disastrous cyberattack?

Continue Reading Hacking Healthcare: Cyberattack Contingency Planning and Response

Throughout 2021, we closely monitored the latest privacy laws and a surge of privacy, cybersecurity, and data asset management risks that affect organizations, small and large. As these laws continue to evolve, it is important for companies to be aware and compliant. We will continue to monitor these trends for 2022.

The attorneys of the Privacy, Cybersecurity & Data Asset Management group have written on a wide range of notable developments and trends that affect employers and health care providers. In case you missed any, we have assembled a recap of our top 10 blog posts of 2021, with links to each, below:

Continue Reading A Year in Review: Top 10 Privacy, Cybersecurity & Data Asset Management Issues in 2021

Recent data thefts and systems intrusions, particularly with respect to ransomware, have assured that cybersecurity is top of mind for corporate executives and compliance officials. We at EBG have tried to keep you up to date with respect to legislative, regulatory and litigation developments and recommended best practices and procedures.

As we close out the year, we all should remain mindful that cyber criminals, especially those who are supported or protected by foreign adversaries, have little incentive to rest up during the holidays.

Continue Reading Holiday Cyber Storm Warnings

The Federal Trade Commission (“FTC”) recently issued guidance clarifying protections applicable to consumers’ sensitive personal data increasingly collected by so-called “health apps.” The FTC press release indicated it has approved a policy statement by a vote of 3-2 offering guidance that organizations using “health applications and connected devices” to “collect or use” consumers’ personal health

In this episode of the Diagnosing Health Care PodcastThe vaccine passport has been a major topic of discussion as businesses and governments consider how to balance privacy and safety through the rollout of the COVID-19 vaccine. Epstein Becker Green attorneys Patricia WagnerAlaap Shah, and Jessika Tuazon discuss the privacy and

After a Congressional override of a Presidential veto, the National Defense Authorization Act became law on January 1, 2021 (NDAA). Notably, the NDAA not only provides appropriations for military and defense purposes but, under Division E, it also includes the most significant U.S. legislation concerning artificial intelligence (AI) to date: The National Artificial Intelligence Initiative

In response to the growing concerns of the capacity of the health care workforce as a result of the COVID-19 pandemic, on March 24, 2020 the Secretary of Health and Human Services, Alex Azar, issued a letter and associated Guidance to all Governors urging them to take immediate action.  While the federal government, and some

The market for direct-to-consumer (“DTC”) genetic testing has increased dramatically over recent years as more people are using at-home DNA tests.  The global market for this industry is projected to hit $2.5 billion by 2024.  Many consumers subscribe to DTC genetic testing because they can provide insights into genetic backgrounds and ancestry.  However, as

Consumer privacy protection continues to be top of mind for regulators given a climate where technology companies face scrutiny for lax data governance and poor data stewardship.  Less than a year ago, California passed the California Consumer Privacy Act (CCPA) of 2018, to strengthen its privacy laws.  In many regards, the CCPA served as