What will the CPRA passing mean to anyone doing business with Californians?

CPRA passage california privacy act

With the California Privacy Rights Act (CPRA) passage (aka Prop 24), the CCPA, already strict in its interpretation of PII, expands consumer rights and places new requirements on businesses. A few loopholes close, definitions gain clarity – and it becomes even more imperative to educate and notify consumers on data use, personalization, and so forth. … Read more

What’s the California Assembly’s Course Correction mean to CCPA?

CCPA Course Correction HIPAA Exemption

Well, remember the issues around what the “HIPAA exemption” in the California Consumer Privacy Act (CCPA) really applied to?  We wrote about it here all the way back in May 2019. Turns out our impression was correct – so correct that California just passed a law to correct it! Here’s the skinny: On September 5, … Read more

Telework & Telehealth: How Can We Work Securely During a Pandemic?

how to telework telehealth securely

Remember that brief moment when we thought the COVID-19 business impact was lifting? It was a nice thought, but we were wrong. We’re firmly in the midst of the pandemic with alleviation an ever-moving target. What does this mean for businesses, especially covered entities (CE) and business associates (BA)? Telework and telehealth present security risks, … Read more

How the SHIELD Act Expands Legal Reach on Breaches

New York SHIELD Act image

Interested in some (thankfully) non-pandemic related news? New York State’s SHIELD Act is in effect as of March 21, 2020. The SHIELD Act (Stop Hacks and Improve Electronic Data Security Act) takes several actions, including: broadening the definition of “Private Information”, expanding the definition of breach, and expanding the reach of the law to include … Read more

Return from Remote Work: How do you secure remotely used data & devices?

return from remote work

As things ease up, and slowly people return to the office, what steps do you need to take to make sure data and devices are secure? It’s not quite a reversal of what covered entities (CE) and business associates (BA) went through when everyone who was non-essential was required to go to remote work, but … Read more

Video Hijacking Have You Worried? Try these 5 Steps from the FBI

video hijacking fbi advice apgar

The healthcare industry reports that video hijacking, or teleconference hijacking, emergence on the rise as telehealth appointments replace typical in-person ones during the COVID-19 crisis. The FBI has received multiple reports of conferences being disrupted by pornographic images, hate images and threatening language. Yet another reason that, even though OCR has indicated it will not … Read more

When It’s OK to Share: OCR’s Novel Coronavirus Disease (COVID-19) Limited Waiver

OCR Limited Waiver HIPAA

Novel Coronavirus, aka COVID-19, is on track to stretch our healthcare system to the breaking point, and our healthcare providers along with it. In effect as of March 15, 2020, the OCR’s published a Limited Waiver of HIPAA Sanctions and Penalties that during this National Emergency could give care providers one less source of anxiety … Read more

Teleworking Safely: Precautions for Working Remotely during COVID-19

COVID-19 Teleworking Safety Tips

As we cope with the COVID-19 pandemic, it’s important to take a few extra measures to protect your organization, your patients and clients, and your data. Teleworking, where more and more individuals are working remotely, is widely accepted to prevent further spread of the virus. Now is a good time to address the risks that … Read more

What does the CCPA have to do with Policies & Procedures?

policies procedures CCPA

Compliance with CCPA is entwined with how you do business. Your business operations (the “how and what”) directly link to company policy, controls, processes: policies and procedures. You could say that the CCPA has everything to do with policies and procedures. Which is why you need to update yours – yesterday. Not convinced? Let’s go … Read more