Groundhog Day! W-2 Scams Reappear for 2017

The more things change, the more things stay the same, or so the adage goes.  Yesterday —which was very fitting for Groundhog Day —the IRS released a warning concerning the reappearance of phishing scams targeting W-2 information.  

Continue reading

HHS Reaches $475,000 Settlement with Health Care System over Late Data Breach Report

On January 9, 2017, the U.S. Department of Health and Human Services (“HHS”) announced its first enforcement action under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) involving delayed data breach reporting.  HHS settled alleged violations of the HIPAA breach notification rule committed by Presence Health, one of the largest health care networks in Illinois.  The settlement agreement called for Presence Health to pay $475,000 and to adopt a corrective action plan.  This settlement underscores the importance of understanding your organization’s HIPAA policies and procedures, and raises several practical considerations going forward.

Continue reading

Massachusetts Allows Public Online Access to Data Breach Information

First introduced in 2015 and signed into law in June 2016, an amendment to the Massachusetts Public Records Law (M.G.L. c.66) now makes the state’s Office of Consumer Affairs and Business Regulation (OCABR) online Data Breach Notification Archive available to the public.

Continue reading

New York State Department of Financial Services Modifies and Delays Cyber Security Regulations

In response to the uniformly negative feedback it received from industry participants and interested parties, the New York State Department of Financial Services has modified its proposed cyber security regulations and delayed their start date by two months.

Continue reading

Register for our NYS DFS Cybersecurity Webinar

The new cybersecurity regulations proposed by the New York State Department of Financial Services are sweeping in scope and quite complex.  

Continue reading

Disclaimer

This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel