Written by: Richard Sheinis, Esq. The University of Massachusetts Amherst is paying $650,000 to OCR to settle allegations of HIPAA violations that occurred in 2013. UMass neglected to designate their Center for Language, Speech and Hearing as a health care component (Oops!), and neglected to have the most basic electronic security in place, including a firewall. This resulted in the Center being infected with malware which exposed names, addresses, social security numbers, dates of birth and medical information. The Center had also not conducted a basic, HIPAA-required risk analysis. Having a risk analysis, which identifies weaknesses and vulnerabilities in the covered entity’s electronic security, is so basic to HIPAA, yet very few covered entities engage in a risk analysis, or its close cousin, a risk management plan. I suspect that one reason is that a risk analysis seems complicated, and HIPAA regulations do not provide much guidance on how…       Read More

Compiled by: Richard Sheinis, Esq. ‘GIVE ME 500 BITCOINS OR I START EXECUTING PATIENTS’ NEWS.com.au AUSTRALIAN hospitals are increasingly at risk of cyber criminal gangs who seek to steal patient data … THE TREND OF INDUSTRIALIZED HACKING. Madison Square Garden Discloses Data Breach Fortune It recommended that customers keep an eye on their payment records and alert their banks about any fraudulent charges. For more on data breaches, … Locky Ransomware Images Are Spreading via Social Media Top Tech News The suspicious images represent a new “ImageGate” attack vector for the Locky ransomware, according to a Thanksgiving Day blog post by security … Ransomware Crooks Demand $70000 After Hacking San Francisco Transport System — UPDATED Forbes “We can confirm a cyber attack. It disrupted some of our internal computer systems, such as email. Fare gates are again operational,” a spokesperson … Berkshire Medical Center Reports Data Breach Affecting 1700 Patients…       Read More

Written By: Don Benson, Esq. Many employers have been asking what the next step is for them in light of the injunction issued 11/22/16 in the U.S.D.C. Texas holding that the DOL may not impose the new higher salary level for jobs exempt from overtime under the executive, administrative or professional exemptions of the federal Fair Labor Standards Act. The preliminary injunction keeps the new higher salary level from going into effect as scheduled on December 1, 2016. There is a two-part test for these exemptions: (1) the job must have a minimal salary and (2) specific job duties. The salary portion of the test would have gone up from $23,660 annually to $47,892. The new Regulation would also have adjusted the salary level every three years automatically. The Texas federal court found that the plaintiffs in that case showed a “likelihood of success on the merits” that the new salary…       Read More

Compiled by: Richard Sheinis, Esq. Data Protection Disputes to Soar Over Next Five Years Infosecurity Magazine Experts are urging organizations to brace themselves for a surge in data protection-related legal disputes over the next five years, driven in part by … Hospitals lack staff needed to combat cyber attacks CSO Online These assertions are particularly worrisome given that healthcare has become the most cyber attacked industry. “Healthcare information is more … Atlantis Provides Notice of Data Security Incident thebahamasweekly.com PRNewswire — Atlantis, Paradise Island (the “Resort”) today announced that a recent data security incident may have compromised the … Homeland Security Chief Cites Phishing as Top Hacking Threat Fortune A version of this post originally appeared in the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Why are people still such … Physical Therapy Facility Reports Data Security Incident HealthITSecurity.com A physical therapy provider recently announced it experienced…       Read More

provided by Richard Sheinis, Esq. Adult FriendFinder hit with one of the biggest data breaches ever, report says Washington Post LeakedSource said the alleged breach includes nearly 340 million accounts from flagship site Adult FriendFinder, plus data from other sites owned by … UK approves extradition of alleged US government computer hacker USA Today LONDON – The United Kingdom signed off the extradition of a man accused of stealing data from the U.S. Department of Defense, the Federal … GDPR’s global reach to require at least 75000 DPOs worldwide SC Magazine UK The GDPR is being hailed as a major overhaul of data protection laws, and it will now act as the regulation which governs how any company handling … Medicare claims data sent to the wrong health records IT News DHS, which is responsible for the operation of the Medicare medical rebate scheme, is obliged under law to report…       Read More

Written By: Lauren K. Dimitri, Esq. In July of this year, the Appellate Division of the State Board of Workers’ Compensation rendered a decision on surveillance that has created quite the buzz in the Comp community. The Employee in State Board of Appeal #2013024225 appealed the administrative law judge’s order which granted the Employer’s motion for a protective order seeking protection of surveillance video that was taken of the Employee by an investigator hired by the Employer. The Employee argued that the administrative law judge abused his discretion in denying her motion to compel discovery of the video, while the Employer stood by its position that the video was protected from discovery as being prepared in anticipation of litigation. The specific discovery request at issue asked for the identities of persons having knowledge relevant to the claim, whether the Employer had conducted surveillance of the Employee and, if so, the…       Read More

Compiled by: Richard Sheinis, Esq. Texas Hospital hacked, affects nearly 30000 patient records Healthcare IT News Integrity Transitional Hospital, based in Denton, Texas, reported a hacking incident that may have breached the records of 29,514 patients… Facial Recognition Technology Raises Privacy Concerns NBCNews.com “Computer vision can now recognize an object very clearly,” said Dr … There is no U.S. federal law at the moment that directly protects the privacy of … Data breach affects 2500 GHS patients Upstate Business Journal About one-fifth of the cardiac-monitored patients at the Greenville Health System’s Carolina Cardiology Consultants were affected by a recent data … Qatar set to ratify data privacy law ArabianBusiness.com Companies in Qatar face penalties of up to QR5 million ($1.47 million) if they fail to comply with new laws on data privacy that come into force next … Thousands…       Read More

Written by: Bradley R. Coppedge, Esq. Unfortunately, there is far from a one-size-fits-all answer. My October blog explored the use (or risks) of these trusts in older Wills as related to the possibility of inadvertently disinheriting a spouse. This article will explore their use from an overall federal estate tax, and capital gains tax, perspective. First a little history. A person’s federal estate tax exemption amount (previously known as the “unified credit”) is the amount of assets that may pass to someone other than the spouse without incurring estate taxes. For many years, particularly throughout the 1980s, 1990s, and even well into the 2000s, a decedent’s exemption amount was regularly utilized to create a trust at the death of the first spouse, commonly known as a “credit shelter trust” or “bypass trust”. As explored in October’s blog, the purpose of this trust was to take the maximum amount of assets that…       Read More

Written by: Eric Hoffman, Esq. On Monday October 31, 2016, the Georgia Supreme Court unanimously held that firearms cannot be carried onto public K-12 school property unless the licensed gun owner is picking up or dropping off a student. In GeorgiaCarry.org v. Code Revision Commission, the Court, in an opinion by Chief Justice Hugh Thompson, upheld a Fulton County Judge’s dismissal of a suit filed by GeorgiaCarry to challenge a decision of Georgia’s Code Revision Commission restricting such use. At issue were two bills passed by the Georgia legislature in 2014. Both bills attempted to amend O.C.G.A. § 16-11-127.1 to allow licensed gun owners to carry firearms onto school property. House Bill 826 allowed registered gun owners to carry guns onto school property without limitation, while House Bill 60 limited the time that guns could be carried onto K-12 public school property to drop off and pick up. Governor Nathan…       Read More

Compiled by: Richard Sheinis, Esq. WikiLeaks email shows how hackers targeted John Podesta Washington Times Researchers said previously that hackers working for the Russian … this month it’s confident recent computer hacks and emails leaks suffered by the … Red Cross Data Breach Exposes Health Information of 550000 People The Daily Dot The personal information of more than half a million Australian blood donors has been leaked in a serious security breach at the Red Cross. Data Breach Affects 450000 KPG (AP) – A new report from Washington state’s Attorney General’s Office says nearly a half a million residents were impacted by data breaches between … Hacker faces prison for cyberattacks on businesses, universities Chicago Tribune Timothy Justen French had already been warned once by the FBI to stay away from computer hacking when he was caught in an online chat two years … Are heart devices threatened by hackers?…       Read More