Clients Legal Needs in HIPAA Security Compliance
|
|
- Phillip Nichols
- 8 years ago
- Views:
Transcription
1 Clients Legal Needs in HIPAA Security Compliance Robyn A. Meinhardt, JD, RN FOLEY & LARDNER LLP 2004 Preserving Attorney-Client Privilege and Work Product Protections 1
2 Relevance to Security Compliance Audits and Internal Investigations To encourage parties to seek legal advice freely and to communicate candidly with an attorney during consultations about specific matters without fear that confidential information will be disclosed. Elements Necessary for Protection Privilege protects confidential communications between a client and attorney for the purposes of securing legal advice. Communications must be with either an attorney acting in a legal capacity or with the attorney s subordinate or agent. 2
3 Elements, con t Communications must be made to secure legal advice. Matters discussed with employees relate only to the scope of their duties. Communications are ordered to be kept confidential by employees. Documents are marked as privileged and attorney work product (as appropriate) and segregated from regular business materials. Potential Limitation on Attorney- Client Privilege While the privilege protects communications between the attorney and a client, information contained in the communication to an attorney may not be privileged. 3
4 Legal Advice vs. Business Advice The primary purpose of the consultation must be to obtain legal advice. If using in-house counsel, must clearly show advice was given in a professional legal capacity. If documentation is used by both legal and nonlegal personnel, a court may conclude that the primary purpose was not to secure legal advice. The Attorney Work Product Privilege? Protects documents prepared in anticipation of litigation by a party or the party s representative. In anticipation of litigation is broadly interpreted, and can include potential government investigations. Protects the mental impressions, conclusions, or opinions of the attorney contained in any document. 4
5 Attorney Work Product Privilege, con t May protect documents and communications other than those between an attorney and a client. Only extends to documentation prepared in anticipation of or during litigation. Compliance Investigations / Audits under Attorney-Client Privilege Performing audits in participation with and under engagement of legal counsel is a viable method for identifying risks while protecting the confidentiality of that information. 5
6 Legal Counsel s Responsibilities Related to Procuring Agents Engage vendor through verbal communications, and confirm engagement with a formal engagement letter that defines the vendor s scope of work, reporting responsibilities to legal counsel, and method of payment. Approve the work plan/audit program developed for the investigation. Direct the vendor regarding communication protocols and report distribution. Legal Counsel s Responsibilities, con t Review vendor s audit work papers as deemed appropriate. Review and approve vendor s audit reports. Distribute or approve distribution of audit reports to appropriate parties. 6
7 Important Notes: There are no absolute guarantees that communications and documentation will be fully protected from disclosure. Legal counsel represents the client, not the client s employees. Therefore, the privilege only extends to the client, and not their employees. More Important Notes: If the client chooses to waive its privilege, information provided by employees may be disclosed. Employees must be informed of this prior to interview. 7
8 Additional sources of Security Obligations Comprehensive computer security requirements are currently mandated by statute or regulation in three industries: Financial services (G-L-B) Health care (HIPAA security regulations) Activities under jurisdiction of the Food and Drug Administration (21 C.F.R. Part 11) Legal Sources of Security Obligations FOLEY & LARDNER LLP
9 Sources of Security Obligations: FTC FTC: Pursuing enforcement actions against companies that promise privacy but fail to deliver due to infrastructure vulnerabilities (FTC asserts this is an unfair or deceptive trade practice ). FTC also enforces COPPA (Children s Online Privacy Protection Act Includes a requirement for reasonable procedures to protect the confidentiality, security, and integrity of personal information collected from children. Sarbanes-Oxley Act Publicly Traded Companies (for now) The Act requires the SEC to prescribe rules requiring annual reports to contain an internal control report. Imposes management responsibility for establishing, maintaining and assessing the effectiveness of an adequate internal control structure. CEO and CFO certifications of material information are to address the effectiveness of internal controls for ensuring information accuracy. 9
10 Sarbanes-Oxley Act The Act s internal controls mandate will: Require assessment of the company s information systems and associated business processes for security Make a secure information infrastructure necessary, in order to provide accurate financial reporting California s Database Protection Act Also known as SB 1386; Civil Code etc. seq. Applies to any person or business doing business in California. Requires notification to data subjects who are California residents, whenever their name plus either: Social Security Number; Driver s license or California ID card number; or Financial account, credit or debit card number and any related PIN has been accessed without authorization (unless that information was encrypted). 10
11 Fiduciary Duties of Corporate Directors Recent Corporate Law Developments regarding Fiduciary Obligations three examples of this growing field of law Pereira v. Cogan, 2003: Federal district court decision focused on breach of the fiduciary duties of the directors of a private company. Holding: Directors who purposefully remain ignorant of issues, without regard to their fiduciary obligations, will be held liable. Fiduciary Duties of Corporate Directors In re The Walt Disney Co. Derivative Litigation (May, 2003: Delaware Chancery Court decision regarding executive compensation). Shareholders allegation was that directors nonparticipation in selection and compensation of president resulted in $138 million loss. The court determined that if this allegation was true, the directors would not have acted in good faith, and so would not be protected by the business judgment rule i.e., would be personally liable. 11
12 Worldcom Bankruptcy WorldCom bankruptcy case: bankruptcy examiner s Thornburgh Report of 2003: Discusses lapses in fiduciary judgment with respect to financial affairs, strategic planning and oversight of senior management; and Comments on the unwillingness of WorldCom counsel (inside and outside) to advise the Board about its fiduciary obligations related to corporate decision-making. International Sources of Security Obligations Council of Europe s Draft Convention on Cybercrime (2001). Article 12: Corporate liability for lack of supervision or control of its agents. European Union s Data Privacy Directive: Controls processing of personal information Each EU country enacts implementing legislation. (ABA s International Guide to Combating Cybercrime: 12
13 Computer Fraud and Abuse Act 1. Computer Fraud and Abuse Act of 1986 (as amended) 18 U.S.C. Section 1030: criminalizes acts against protected computers - those used in government, financial services, or in interstate or foreign commerce. Crimes defined include intentionally accessing a computer without authorization or in excess of authorized access. Electronic Communications Privacy Act 2. Electronic Communications Privacy Act of 1986, 18 U.S.C. Sections : Addresses allowance of and limits on network monitoring Amended by the 2002 Homeland Security Act (Pub. L. No ): Included the Cyber Security Enhancement Act which expanded cybercrime definitions and penalties. 13
14 PATRIOT Act 3. US PATRIOT Act of 2001 (Pub. L. No ): Addressed communications tracing and interception; Protected disclosures to law enforcement; Expanded search warrants; Enhanced cybercrime/cyberterrorism penalties; And more. Trade Secret Offenses 5. Economic Espionage Act of 1996, 18 U.S.C. Sections : Describes a number of crimes that fall under the theft of trade secrets and economic espionage headings. May apply to conduct outside the U.S. Penalties include forfeiture of property. 14
15 Other Federal Criminal Statutes related to Computer Crime 18 U.S.C. Section 1029 (Fraud and Related Activity in Connection with Access Devices) 18 U.S.C. Section 1362 (Communication Lines, Stations or Systems) US Child Pornography Prevention Act of 1996 PROTECT Act 18 U.S.C
Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So?
Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So? Bruce Heiman K&L Gates September 10, 2015 Bruce.Heiman@klgates.com (202) 661-3935 Why share information? Prevention
More informationCYBER SECURITY A L E G A L P E R S P E C T I V E
A L E G A L P E R S P E C T I V E T H O M A S G. S C H R O E T E R A S S O C I A T E G E N E R A L C O U N S E L P O R T O F H O U S T O N A U T H O R I T Y DISCLAIMER! This presentation: does not include
More informationPrivacy Law Basics and Best Practices
Privacy Law Basics and Best Practices Information Privacy in a Digital World Stephanie Skaff sskaff@fbm.com What Is Information Privacy? Your name? Your phone number or home address? Your email address?
More informationProtecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00)
Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00) May 15, 2009 LLP US Information Security Framework Historically industry-specific HIPAA Fair Credit Reporting
More informationInformation Security Law: Control of Digital Assets.
Brochure More information from http://www.researchandmarkets.com/reports/2128523/ Information Security Law: Control of Digital Assets. Description: For most organizations, an effective information security
More informationAs Amended by Senate Committee SENATE BILL No. 408
Session of As Amended by Senate Committee SENATE BILL No. 0 By Committee on Corrections and Juvenile Justice - 0 AN ACT concerning abuse, neglect and exploitation of persons; relating to reporting and
More informationIntroduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide
Introduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide by Christopher Wolf Directors, Privacy and Information Management Practice Hogan Lovells US LLP christopher.wolf@hoganlovells.com
More informationCybersecurity y Managing g the Risks
Cybersecurity y Managing g the Risks Presented by: Steven L. Caponi Jennifer Daniels Gregory F. Linsin 99 Cybersecurity The Risks Are Real Perpetrators are as varied as their goals Organized Crime: seeking
More informationBy Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN
Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN The HITECH Act is the
More informationData Breach Reporting: Summary of Governing Bodies with Reporting Requirements in the United States
Data Breach Reporting: Summary of Governing Bodies with Reporting Requirements in the United States Introduction When it comes to Personally Identifiable Information (PII), privacy laws and regulations
More informationCYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131
CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 TOPICS 1. Threats to your business s data 2. Legal obligations
More informationAlert. Client PROSKAUER ROSE
PROSKAUER ROSE Client Alert SEC Adopts Rules to Require Attorneys to Report Violations "Up the Ladder" and Proposes to Require "Noisy Withdrawals" by Attorneys or Disclosure by Public Companies, if Responses
More informationREPORTING REQUIREMENTS
REPORTING REQUIREMENTS REPORTING REQUIREMENTS Consistent with state law, you must report known or suspected abuse, neglect, and/or exploitation of children and certain adults. Different rules apply to
More informationFEDERAL LAWS RELATING TO FRAUD, WASTE AND ABUSE
FEDERAL LAWS RELATING TO FRAUD, WASTE AND ABUSE FEDERAL CIVIL FALSE CLAIMS ACT The federal civil False Claims Act, 31 U.S.C. 3729, et seq., ( FCA ) was originally enacted in 1863 to combat fraud perpetrated
More informationPrivacy Legislation and Industry Security Standards
Privacy Legislation and Issue No. 3 01010101 01010101 01010101 Information is generated about and collected from individuals at an unprecedented rate in the ordinary course of business. In most cases,
More informationIdentity Theft Regulation. *Christine Stagnetto-Sarmiento, Oglala Lakota College, USA. *Corresponding Author, 490 Piya Wiconi Road-Kyle, South Dakota
1 Identity Theft Regulation *Christine Stagnetto-Sarmiento, Oglala Lakota College, USA *Corresponding Author, 490 Piya Wiconi Road-Kyle, South Dakota (605) 455-6110 csarmiento@olc.edu Introduction This
More informationFEDERAL IDENTITY THEFT TASK FORCE. On May 10, 2006, the President signed an Executive Order establishing an Identity Theft
FEDERAL IDENTITY THEFT TASK FORCE Attorney General Alberto Gonzales Federal Trade Commission Chairman Deborah Platt Majoras On May 10, 2006, the President signed an Executive Order establishing an Identity
More informationIntroduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery
Today s Topics Introduction to Data Privacy & ediscovery General Overview Data Privacy in the United States Data Privacy in Foreign Countries Intersection of Data Privacy & ediscovery Preservation of Data
More informationASSEMBLY BILL No. 597
california legislature 2015 16 regular session ASSEMBLY BILL No. 597 Introduced by Assembly Member Cooley February 24, 2015 An act to amend Sections 36 and 877 of, and to add Chapter 6 (commencing with
More informationNavigating the New MA Data Security Regulations
Navigating the New MA Data Security Regulations Robert A. Fisher, Esq. 2009 Foley Hoag LLP. All Rights Reserved. Presentation Title Data Security Law Chapter 93H Enacted after the TJX data breach became
More informationData Privacy and Cybersecurity Task Force
Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,
More informationCybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission. June 25, 2015
Cybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission June 25, 2015 1 Your Panelists Kenneth L. Chernof Partner, Litigation, Arnold & Porter LLP Nicholas
More informationHandling Disagreement with Superiors Decisions and Whistleblowing
Handling Disagreement with Superiors Decisions and Whistleblowing The mandate of the Office of Inspector General (OIG) is to root out fraud, waste, and abuse, as well as promote the economy and efficiency
More informationPrepare for the Worst: Best Practices for Responding to Cybersecurity Breaches Trivalent Solutions Expo June 19, 2014
Prepare for the Worst: Best Practices for Responding to Cybersecurity Breaches Trivalent Solutions Expo June 19, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented by: Jennifer A.
More informationASSEMBLY BILL No. 597
AMENDED IN ASSEMBLY APRIL 14, 2015 california legislature 2015 16 regular session ASSEMBLY BILL No. 597 Introduced by Assembly Member Cooley February 24, 2015 An act to amend Sections 36 and 877 of, and
More informationThe Legal Pitfalls of Failing to Develop Secure Cloud Services
SESSION ID: CSV-R03 The Legal Pitfalls of Failing to Develop Secure Cloud Services Cristin Goodwin Senior Attorney, Trustworthy Computing & Regulatory Affairs Microsoft Corporation Edward McNicholas Global
More informationClient Advisory October 2009. Data Security Law MGL Chapter 93H and 201 CMR 17.00
Client Advisory October 2009 Data Security Law MGL Chapter 93H and 201 CMR 17.00 For a discussion of these and other issues, please visit the update on our website at /law. To receive mailings via email,
More informationMichie's Legal Resources. This part shall be known and may be cited as the Tennessee Identity Theft Deterrence Act of 1999. [Acts 1999, ch. 201, 2.
http://www.michie.com/tennessee/lpext.dll/tncode/12ebe/13cdb/1402c/1402e?f=templates&... Page 1 of 1 47-18-2101. Short title. This part shall be known and may be cited as the Tennessee Identity Theft Deterrence
More informationHIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act
International Life Sciences Arbitration Health Industry Alert If you have questions or would like additional information on the material covered in this Alert, please contact the author: Brad M. Rostolsky
More informationEthics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015
Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Katherine M. Layman Cozen O Connor 1900 Market Street Philadelphia, PA 19103 (215) 665-2746
More informationREFERENCE TITLE: accountancy board; certified public accountants HB 2218. Introduced by Representative Thorpe AN ACT
REFERENCE TITLE: accountancy board; certified public accountants State of Arizona House of Representatives Fifty-second Legislature First Regular Session HB Introduced by Representative Thorpe AN ACT AMENDING
More informationSETTLEMENT AGREEMENT. This Settlement Agreement ( Agreement ) is entered into among the United
SETTLEMENT AGREEMENT This Settlement Agreement ( Agreement ) is entered into among the United States of America, acting through the United States Department of Justice and on behalf of the Department of
More informationMastering Data Privacy, Social Media, & Cyber Law
Mastering Data Privacy, Social Media, & Cyber Law October 22, 2014 Data Breach Notification and Cybersecurity Developments in 2014 Melissa J. Krasnow, Dorsey & Whitney LLP, and Certified Information Privacy
More informationSigned into law on February 17, 2009, the Stimulus Package known
Stimulus Package Expands HIPAA Privacy and Security and Adds Federal Data Breach Notification Law Marcy Wilder, Donna A. Boswell, and BarBara Bennett The authors discuss provisions of the Stimulus Package
More informationJune 10, 2010. 2010 Legislative Amendments to the Indiana Code Relating to First Lien Mortgage Act (the Act )
June 10, 2010 2010 Legislative Amendments to the Indiana Code Relating to First Lien Mortgage Act (the Act ) Effective July 1, 2010 (except as otherwise indicated) Questions, Answers, and Administrative
More informationHOUSE BILL No. 4917. July 18, 2013, Introduced by Rep. Heise and referred to the Committee on Judiciary.
HOUSE BILL No. HOUSE BILL No. July, 0, Introduced by Rep. Heise and referred to the Committee on Judiciary. A bill to amend PA, entitled "Revised judicature act of," (MCL 00.0 to 00.) by adding chapter
More informationExhibit A. Federal Statutes Impacting Data Security
Exhibit A Federal Statutes Impacting Data Security Michele A. Whitham Partner, Founding Co-Chair Security & Privacy Practice Group Foley Hoag LLP 155 Seaport Boulevard Boston, MA 02210 Federal Law Citation
More informationSubtitle B Increasing Regulatory Enforcement and Remedies
H. R. 4173 466 activities and evaluates the effectiveness of the Ombudsman during the preceding year. The Investor Advocate shall include the reports required under this section in the reports required
More informationCybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues
Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues Todd Bertoson Daniel Gibb Erin Sheppard Principal Senior Managing Associate Counsel todd.bertoson@dentons.com
More informationLabor and Employment 2015 Conference
Labor and Employment 2015 Conference Investigations and Whistleblowing: How to Proceed When an Investigation Reveals Criminal Conduct or Other Improprieties Abigail Crouse Associate General Counsel RJ
More informationUNITED STATES DISTRICT COURT DISTRICT OF CONNECTICUT
UNITED STATES DISTRICT COURT DISTRICT OF CONNECTICUT ATTORNEY GENERAL OF THE : STATE OF CONNECTICUT, and : STATE OF CONNECTICUT : Plaintiffs, : : v. : Civ. No. : HEALTH NET OF THE NORTHEAST, INC., : HEALTH
More informationHIPAA PRIVACY NOTICE PLEASE REVIEW IT CAREFULLY
HIPAA PRIVACY NOTICE THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN OBTAIN ACCESS TO THIS INFORMATION. INTRODUCTION PLEASE REVIEW IT CAREFULLY Moriarty
More information2015 -- S 0134 SUBSTITUTE B ======== LC000486/SUB B/2 ======== S T A T E O F R H O D E I S L A N D
0 -- S 01 SUBSTITUTE B LC000/SUB B/ S T A T E O F R H O D E I S L A N D IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 0 A N A C T RELATING TO CRIMINAL OFFENSES - IDENTITY THEFT PROTECTION Introduced By: Senators
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationCommodity Futures Trading Commission Commodity Whistleblower Incentives and Protection
Commodity Futures Trading Commission Commodity Whistleblower Incentives and Protection (7 U.S.C. 26) i 26. Commodity whistleblower incentives and protection (a) Definitions. In this section: (1) Covered
More informationMastering Data Privacy, Protection, & Forensics Law
Mastering Data Privacy, Protection, & Forensics Law April 15, 2015 Data Breach Notification and Cybersecurity Developments in 2015 Melissa J. Krasnow, Dorsey & Whitney LLP, and Certified Information Privacy
More informationCredit Reports and the Fair Credit Reporting Act. The Credit Bureaus
Credit Reports and the Consumer Law Eric E. Johnson eejlaw.com Konomark Most rights sharable. The Credit Bureaus 1 State law causes of action against credit bureaus Defamation Invasion of privacy State
More informationINDEPENDENT CONTRACTOR AGREEMENT
INDEPENDENT CONTRACTOR AGREEMENT This Independent Contractor Agreement ( Agreement ) is entered between Nordstrom, Inc. ( Nordstrom ), with a business address at 1700 Seventh Avenue, Suite 1000, Seattle,
More informationNew Privacy Laws Impacting the Health Care Work Place
New Privacy Laws Impacting the Health Care Work Place Presented by Thomas E. Jeffry, Jr., Esq. Arent Fox LLP Washington, DC New York, NY Los Angeles, CA November 12 & 19, 2009 Overview 1. Overview of California
More informationTexas Environmental, Health and Safety Audit Privilege Act
Texas Environmental, Health and Safety Audit Privilege Act SCOTT D. DEATHERAGE PARTNER G A R D ERE WYNNE SEWELL, DALLAS S D EATHERAGE@GARDERE.COM Legislation Texas Environmental, Health and Safety Audit
More informationStandards of. Conduct. Important Phone Number for Reporting Violations
Standards of Conduct It is the policy of Security Health Plan that all its business be conducted honestly, ethically, and with integrity. Security Health Plan s relationships with members, hospitals, clinics,
More informationCYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES
COMMITTEE OF EXPERTS ON TERRORISM (CODEXTER) CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES UNITED STATES OF AMERICA September 2007 Kapitel 1 www.coe.int/gmt The responses provided below
More informationSecurities Whistleblower Incentives and Protection
Securities Whistleblower Incentives and Protection 15 USC 78u-6 (As added by P.L. 111-203.) 15 USC 78u-6 78u-6. Securities whistleblower incentives and protection (a) Definitions. In this section the following
More informationFair Credit Reporting Act Compliance Guide
Fair Credit Reporting Act Compliance Guide FAIR CREDIT REPORTING ACT TABLE OF CONTENTS Page I. INTRODUCTION...1 A. Increased Applicant and Employee Rights...1 B. What is a "Consumer Report?"...1 C. What
More informationTape Vaulting Audit And Encryption Usage Analysis
Tape Vaulting Audit And Encryption Usage Analysis Prepared for Public Presentation (includes SB 1386, Gramm Leach Bliley, and Personal Data Protection and Security Act of 2005 Customer Information Protection
More informationGENERAL ASSEMBLY OF NORTH CAROLINA SESSION 2007 S 1 SENATE BILL 1198
GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 0 S SENATE BILL Short Title: Regulate Debt Settlement. Sponsors: Senators Clodfelter; and Berger of Rockingham. Referred to: Commerce, Small Business and Entrepreneurship.
More informationData protection and outsourcing industry - A study. By Kumar Mihir
Data protection and outsourcing industry - A study By Kumar Mihir Scientia Potenti Est- Knowledge is power. The said maxim is apt to describe the primary business model in the 21 st century when information
More informationAgreement for 2015 S Corporation Income Tax Preparation
Agreement for 2015 S Corporation Income Tax Preparation Dear Client: We will prepare the federal, resident state and city S-corporation income tax returns for for the year ended December 31, 2015 and we
More informationPolicy Implications: Privacy, Security and Liability Big Data in Telecom. June 7 2012 TIA 2012: INSIDE THE NETWORK Dallas TX
Policy Implications: Privacy, Security and Liability Big Data in Telecom June 7 2012 TIA 2012: INSIDE THE NETWORK Dallas TX Who We Are Leading trade association in support of information and communications
More informationIN THE UNITED STATES DISTRICT COURT DISTRICT OF
IN THE UNITED STATES DISTRICT COURT DISTRICT OF UNITED STATES OF AMERICA ) Civil Action No. Ex rel. ) ) FILED IN CAMERA AND Plaintiff, ) UNDER SEAL ) vs. ) FALSE CLAIMS ACT ) MEDICAID FRAUD, ), and ) JURY
More informationComment [1]: BDERIV. Comment [2]: EDERIV
56-1001. Short title. This act shall be known and may be cited as the "Oklahoma Medicaid Program Integrity Act". Added by Laws 1989, c. 220, 1, operative July 1, 1989. 56-1002. Definitions. As used in
More informationDesignation of employee(s) in charge of the program; Identifying and assessing risks/threats and evaluating and improving
PRIVACY & DATA SECURITY LAW JOURNAL MASSACHUSETTS On September 22, 2008, Massachusetts adopted regulations that will require businesses, wherever located, that own, license, store, or maintain information
More informationPolicies and Procedures: WVUPC Policy Pursuant to the Requirements of the Deficit Reduction Act of 2005
POLICY/PROCEDURE NO.: B-17 Effective date: Jan. 1, 2007 Date(s) of review/revision: Nov. 1, 2015 Policies and Procedures: WVUPC Policy Pursuant to the Requirements of the Deficit Reduction Act of 2005
More informationSCAN Health Plan Policy and Procedure Number: CRP-0067, False Claims Act & Deficit Reduction Act 2005
Health Plan Policy and Procedure Number: CRP-0067, False Claims Act & Deficit Reduction Act 2005 Approver Approval Stage Date Chris Zorn Approval Event (Authoring) 12/09/2013 Nancy Monk Approval Event
More informationGuylyn Cummins, Esq. Elizabeth Balfour, Esq.
Privacy Law Perils in California, the Nation and Beyond: Securing Data, Responding to Theft of Data and Other Business Assets, Assessing Your Company s Privacy Policy, Evaluating Risks Presented by Your
More informationHow To Understand And Understand The Benefits Of A Health Insurance Risk Assessment
4547 The Case For HIPAA Risk Assessment Leader s Guide IMPORTANT INFORMATION FOR EDUCATION COORDINATORS & PROGRAM FACILITATORS PLEASE NOTE: In order for this program to meet Florida course requirements,
More informationDELAWARE GOVERNANCE PRINCIPLES Steptoe & Johnson LLP (Overview) David Roll Richards, Layton & Finger, P.A. Samuel A. Nolen
Last Updated: June 2013 DELAWARE GOVERNANCE PRINCIPLES Steptoe & Johnson LLP (Overview) David Roll Richards, Layton & Finger, P.A. Samuel A. Nolen Table of Contents 1. The Sarbanes-Oxley Good Governance
More informationETHICAL LEGAL ADVOCACY: ISSUES FOR DOMESTIC VIOLENCE
ETHICAL LEGAL ADVOCACY: ISSUES FOR DOMESTIC VIOLENCE ADVOCATES ATTORNEY- CLIENT PRIVILEGE Attorney- client privilege ABA Model Rule 1.6 Any information transmitted between a lawyer and a client in the
More informationtroinet.com When It Comes to HIPAA Compliance, Ignorance of the Law Is No Excuse
When It Comes to HIPAA Compliance, Ignorance of the Law Is No Excuse When It Comes to HIPAA Compliance, Ignorance of the Law Is No Excuse The Health Insurance Portability and Accountability Act of 1996
More informationPreparing For and Responding to Government Investigations. Presented by Jeffrey Coopersmith
Preparing For and Responding to Government Investigations Presented by Jeffrey Coopersmith Substantive Areas of Government Inquiry Areas Where the Gov t Routinely Conducts Investigations: Securities Fraud
More informationDelaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP
Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats
More informationThe Health and Benefit Trust Fund of the International Union of Operating Engineers Local Union No. 94-94A-94B, AFL-CIO. Notice of Privacy Practices
The Health and Benefit Trust Fund of the International Union of Operating Section 1: Purpose of This Notice Notice of Privacy Practices Effective as of September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL
More informationCybercrime: A Sketch of 18 U.S.C. 1030 and Related Federal Criminal Laws
Order Code RS20830 Updated February 25, 2008 Cybercrime: A Sketch of 18 U.S.C. 1030 and Related Federal Criminal Laws Summary Charles Doyle Senior Specialist American Law Division The federal computer
More informationBUSINESS ASSOCIATE AGREEMENT ( BAA )
BUSINESS ASSOCIATE AGREEMENT ( BAA ) Pursuant to the terms and conditions specified in Exhibit B of the Agreement (as defined in Section 1.1 below) between EMC (as defined in the Agreement) and Subcontractor
More informationNewYork-Presbyterian Hospital Sites: All Centers Hospital Policy and Procedure Manual Number: D160 Page 1 of 9
Page 1 of 9 TITLE: FEDERAL DEFICIT REDUCTION ACT OF 2005 FRAUD AND ABUSE PROVISIONS POLICY: NewYork- Presbyterian Hospital (NYP or the Hospital) is committed to preventing and detecting any fraud, waste,
More informationCHAMPAIGN COUNTY NURSING HOME SUMMARY OF ANTI-FRAUD AND ABUSE POLICIES
1. PURPOSE CHAMPAIGN COUNTY NURSING HOME SUMMARY OF ANTI-FRAUD AND ABUSE POLICIES Champaign County Nursing Home ( CCNH ) has established anti-fraud and abuse policies to prevent fraud, waste, and abuse
More informationCONSENT AND DISCLOSURE REGARDING PROCUREMENT OF CONSUMER CREDIT REPORT, CONSUMER REPORT AND/OR INVESTIGATIVE CONSUMER REPORT FOR EMPLOYMENT PURPOSES
CONSENT AND DISCLOSURE REGARDING PROCUREMENT OF CONSUMER CREDIT REPORT, CONSUMER REPORT AND/OR INVESTIGATIVE CONSUMER REPORT FOR EMPLOYMENT PURPOSES I understand that [Employer] or one of its affiliates
More informationNote to Users: Page 1 of 5
Note to Users: The subsequent pages contain a Sample Business Associate Agreement that may be used by healthcare facilities. Be advised that this is strictly a sample and any formal Business Associate
More information2015 NMSBA SCHOOL LAW CONFERENCE
2015 NMSBA SCHOOL LAW CONFERENCE NETWORK SECURITY, DISTRICT POLICIES ON INTERNET USE, AND THE LAW Andrew M. Sanchez David A. Richter Cuddy & McCarthy, LLP 1 FEDERAL LAWS The Family Educational Rights and
More informationData Privacy and Security: A Primer for Law Firms
Data Privacy and Security: A Primer for Law Firms All We Do Is Work. Workplace Law. In four time zones and 46 major locations coast to coast. www.jacksonlewis.com JACKSON LEWIS SERVING THE DIVERSE NEEDS
More informationShipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS
Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009
More information2005 -- H 6191 SUBSTITUTE A AS AMENDED ======= LC02663/SUB A/2 ======= STATE OF RHODE ISLAND IN GENERAL ASSEMBLY JANUARY SESSION, A.D.
00 -- H 11 SUBSTITUTE A AS AMENDED LC0/SUB A/ STATE OF RHODE ISLAND IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 00 A N A C T RELATING TO IDENTITY THEFT PROTECTION Introduced By: Representatives Gemma, Sullivan,
More informationWhite Collar Criminal Defense, Internal Investigations & Corporate Compliance
Butzel Long :: Practice :: Practice Teams :: White Collar Criminal Defense, Internal Investigations & Corporate Compliance Team Contacts David F. DuMouchel Related Lawyers George B. Donnini Damien DuMouchel
More informationNOTICE OF PRIVACY PRACTICES
THIS SAMPLE NOTICE IS AN EXAMPLE OF THE KIND OF DOCUMENT THAT IS REQUIRED BY HIPAA s PRIVACY RULE. THIS IS A DRAFT PREPARED BY AAMFT LEGAL CONSULTANT RICHARD LESLIE, J.D., FOR THE STATE OF CALIFORNIA AND
More informationMetropolitan Jewish Health System and its Participating Agencies and Programs [MJHS]
Metropolitan Jewish Health System and its Participating Agencies and Programs [MJHS] POLICY PURSUANT TO THE FEDERAL DEFICIT REDUCTION ACT OF 2005: Detection and Prevention of Fraud, Waste, and Abuse and
More informationFair Debt Collection Practices Act 1
Fair Debt Collection Practices Act 1 The Fair Debt Collection Practices Act (FDCPA)(15 U.S.C. 1692 et seq.), which became effective March 20, 1978, was designed to eliminate abusive, deceptive, and unfair
More informationNotice of Privacy Practices
Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. This practice uses
More informationThe need for companies to have a predetermined plan in place in the
Companies Must Prepare for Data Theft TIMOTHY J. CARROLL, BRUCE A. RADKE, AND MICHAEL J. WATERS The authors discuss steps that companies can take to mitigate the risks of, or damages caused by, a security
More informationUPDATED. OIG Guidelines for Evaluating State False Claims Acts
UPDATED OIG Guidelines for Evaluating State False Claims Acts Note: These guidelines are effective March 15, 2013, and replace the guidelines effective on August 21, 2006, found at 71 FR 48552. UPDATED
More informationWheaton College Audit Committee Red Flag Identity Theft Prevention Program Meeting of February 20, 2009
Wheaton College Audit Committee Red Flag Identity Theft Prevention Program Meeting of February 20, 2009 Late last year, the Federal Trade Commission (FTC) and Federal banking agencies issued a regulation
More informationInca One Gold Corp. Insider Trading Policy
Inca One Gold Corp. Insider Trading Policy 1.0 Introduction The Board of Directors (the Board ) of Inca One Gold Corp. ( Inca One ) 1 has determined that Inca One should formalize its policy on securities
More informationSUBSTITUTE SENATE BILL 5059. State of Washington 64th Legislature 2015 Regular Session
S-1.1 SUBSTITUTE SENATE BILL 0 State of Washington th Legislature 01 Regular Session By Senate Law & Justice (originally sponsored by Senators Frockt, Fain, Pedersen, and Chase; by request of Attorney
More informationWhistleblowers & Corporate Fraud Investigations
Whistleblowers & Corporate Fraud Investigations Tuesday, May 10, 2011 McGuireWoods LLP 201 N. Tryon Street, Suite 3000 Charlotte, North Carolina www.mcguirewoods.com Whistleblower Provisions of the Dodd-Frank
More informationfraud, waste, abuse, compliance, integrity, Integrity Help Line
Policy / Procedure: KEY TERMS: fraud, waste, abuse, compliance, integrity, Integrity Help Line I. PURPOSE: To help our employees, agents and contractors understand the methods to prevent and detect fraud,
More informationPublic Information Program
Public Information Program Public Records Policy Purpose This policy is adopted pursuant to the Government Records Access and Management Act Utah Code Ann. 63G-2-701 ( GRAMA ) and applies to District records
More informationEMR: Electronic Medical Records Security: International Law Review
EMR: Electronic Medical Records Security: International Law Review HCCA 11 th Annual Compliance Institute, April 2007 Jill Nelson, RN, MBA, JD, CPC, CHC Cleveland Clinic, Director of Corporate Compliance
More informationUNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF FLORIDA WEST PALM BEACH DIVISION COMPLAINT FOR DECLARATORY JUDGMENT I.
UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF FLORIDA WEST PALM BEACH DIVISION JANICE LEE, ) ) Case No. Plaintiff, ) ) vs. ) ) BETHESDA HOSPITAL, INC. ) ) Defendant. ) ) COMPLAINT FOR DECLARATORY JUDGMENT
More informationDISCLOSURES OF PHI & FLORIDA STATE LAW
DISCLOSURES OF PHI & FLORIDA STATE LAW The Privacy Rule provides an extensive list of permitted disclosures; however, if state laws provide greater privacy protections or privacy rights with respect to
More informationADMINISTRATIVE POLICY SECTION: CORPORATE COMPLIANCE Revised Date: 2/26/15 TITLE: FALSE CLAIMS ACT & WHISTLEBLOWER PROVISIONS
Corporate Compliance Plan AD-819-0 Reporting of Compliance Concerns & Non-retaliation AD-807-0 Compliance Training Policy CFC ADMINISTRATIVE POLICY AD-819-1 SECTION: CORPORATE COMPLIANCE Revised Date:
More informationUNITED STATES DISTRICT COURT DISTRICT OF MINNESOTA Criminal No.:
UNITED STATES DISTRICT COURT DISTRICT OF MINNESOTA Criminal No.: UNITED STATES OF AMERICA, ) ) Plaintiff, ) DEFERRED PROSECUTION ) AGREEMENT v. ) ) BIXBY ENERGY SYSTEMS, INC., ) ) Defendant. ) The United
More information