www.bna.com Privacy & Security Law Report
HomeIndexTable of CasesFeedbackwww.bna.com

Printable version (PDF) 

INDEX
Vol. 9, Nos. 1-49, pp. 1-1748
Jan. 4 -- Dec. 20, 2010

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

    H1N1 VIRUS
      – Vaccinations, Ontario loses data, 27; mobile device encryption order, 145
    HACKING
      – Ameritrade breach settlement (N.D. Cal.), 1592
      – China
        – – Google breach, 86; China responds, 184; Senate resolution, 240
        – – Search engine sues domain service (S.D.N.Y.), 139
        – – Training websites, 265
      – Citigroup denies cyberattack reports, 12
      – D.A. Davidson settles FINRA charges, 550
      – Dave & Buster's, data security program (FTC), 464; FTC finalizes settlement, 868
      – E-mail
        – – Account data stolen (S.D. Tex.), 259
        – – Divorce, lawyer viewed from client's husband's account (Fla. Dist. Ct. App.), 241
        – – Palin account, CFAA search warrant (E.D. Tenn.), 600; authority to issue ECPA warrant , 800
      – Facebook, remote access service, terms of service violation not hacking (N.D. Cal.), 1132
      – Hannaford Bros.
        – – Hacker pleads guilty (D. Mass.), 16
        – – Mitigation costs not damages (Me.), 1330
      – Heartland Payment Sys. data breach
        – – Consumer class settlement (S.D. Tex.), 15; preliminary approval entered, 705
        – – Costs reported, 706
        – – Discover card-issuing bank claims, settlement, 1247
        – – Hacker pleads guilty (D. Mass.), 16
        – – Lessons learned discussion paper, 182
        – – MasterCard-issuing bank claims, settlement, 762
        – – Visa-issuing bank claims, settlement, 58
      – La. EMT database, 1567
      – Magazine publishers, AT&T and Google account data sought (S.D.N.Y.), 19
      – Mariposa botnet, Spain dismantles, 362
      – Password-protected blog (Cal. Ct. App.), 708
      – Social networking sites, RockYou class suit (N.D. Cal.), 59
      – Verizon 2010 investigations report, 1167
      – Va. Prescription Monitoring Program database breach, 255
    HAWAII
      – Workplace credit checks, BNA Insights, 991
    HEALTH AND HUMAN SERVICES DEPARTMENT (HHS)
      – HIPAA rules, to release next year, 1727
      – HIT Policy Comm. Chair, BNA Interview, 802
      – Office of the Natl. Coordinator for HIT
        – – Chief privacy officer named, 281
        – – Goals outlined by Blumenthal, 635
        – – Governance workgroup, state health data exchanges, 1389; HIT Policy Comm. to continue work on topic, 1648; Smart Card Alliance comments on authentication, 1693
        – – Personal health records (PHRs), comments sought, 1563
        – – Task force formed to expedite issues, 826; “tiger team” holds inaugural meeting, 898; exposure issues examined, 940; focus shifts to state level data exchanges, 1050; HIT Policy Comm. approves recommendations, 1246; tiger team drafts transparent exchange recommendations, 1425
      – TB patient who ignored travel restrictions, privacy claims against CDC (11th Cir.), 1536
    HEALTH CARE
      – Allen County patient data access ordinance (N.D. Ind.), 1221
      – Australia
        – – Disclosure to blood relations, 147
        – – Identification numbers, 986
      – Biological specimens, informed consent, 1728
      – Cal. hospitals fined, unauthorized access to records, 863; medical facilities fined, 1587
      – Canada
        – – MCAT test takers fingerprinting, 1203
        – – New Brunswick law, 1225
        – – Nova Scotia privacy bill, 1566
      – China, medical privacy law, 65
      – CVS Caremark
        – – Antitrust, FTC probe, 1561
        – – Class action, protected health information claims (S.D. Tex.), 1390
      – Data breach notification
        – – Conn. Ins. Dep't requirements, 1283
        – – HITECH Act, reporting “large” breaches
          – – – Cincinnati Children's Hosp. and Medical Center laptop theft, 864
          – – – Compliance issues, 356
          – – – Details of reports posted, 311
          – – – Hospital compliance, survey report, 663
          – – – Human medical research protection programs, 664
          – – – Status of rules and reports, 229
          – – – Update, ABA webcast, 493
        – – Va. health data bill, 148; bills approved, 255; bill passed, limited to public agencies, Special Report, 368; lawmakers to vote on governor's amendment, 561; Va. enacts law, 602
      – Data breaches
        – – Affinity Health Plan, returned leased copier without wiping memory, 607
        – – Anthem Blue Cross website
          – – – Attorneys improperly accessed, 982
          – – – Negligence in safeguarding data (Cal. Super. Ct.), 1331
          – – – WellPoint, Ind. AG suit (Ind. Super. Ct.), 1538
        – – AvMed Health Plans laptop theft, 256; number of affected customers increased, 865; class action filed (Fla. Cir. Ct.), 1593
        – – Basingstoke and North Hampshire NHS Found. Trust, 908
        – – Birmingham Children's Hosp., 1171
        – – BlueCross BlueShield of Tenn. stolen hard drives, 93; individuals affected, 527
        – – California
          – – – Inadvertent disclosures, 1283
          – – – Public Health Dep't data tape, 1736
        – – Cincinnati Children's Hosp. and Medical Center laptop theft, 864
        – – East & North Hertfordshire NHS Trust, 1371
        – – Forth Valley NHS Board, 1371
        – – Griffin Hosp. breach by fired radiologist, Conn. AG probe, 501
        – – Health Net missing disk drive, attorney general suit (D. Conn.), 93; settlement, 1013; Conn. Ins. Dep't penalty, 1565
        – – Healthcare Locums, 1505
        – – Kaiser Permanente drive stolen, 94
        – – Kentucky
          – – – Hospitals report missing media, 667
          – – – State jurisdiction despite HIPAA notice (W.D. Ky.), 1280
        – – Lincoln Hosp. loses backup CDs, 1023
        – – Mayo Clinic fires worker for unauthorized access, 1308
        – – N.M. Medicaid, 768
        – – N.W. London Hosp. NHS Trust, 1505
        – – Okla. Univ. neurology patients, 1464
        – – Pa. Medicaid managed plans report loss of flash drive, 1458
        – – Peterborough Dist. Hosp. eye patient data, 767
        – – Providence Health Sys., future damages claim (Or. Ct. App.), 1427
        – – P.R., Triple-S Mgmt., 1657
        – – Royal Wolverhampton Hosp. NHS Trust, 1285
        – – South Shore Hosp., files sent for disposal lost, 1087; hospital opts for substitute notice, 1304
        – – Stanford Univ. Children's Hosp. appeals fine for delayed notice, 1283
        – – Stoke-on-Trent NHS, 908
        – – Survey Report, 1608
        – – Univ. of Louisville kidney disease research website, 864
        – – Univ. of Utah Hosp. & Clinics breach costs (D. Utah), 862
        – – Va. Prescription Monitoring Program database, 255
        – – Wentworth-Douglass Hosp. alleges pathologist contractor deleted files (D.N.H.), 1170
      – Del. medical data use for research, disclosure law, 1090
      – E-health
      – FACT Act red flag rules
        – – AMA litigation (D.D.C.), 757; stipulated order approved, 978
        – – Clarifications
          See LEGISLATION, FEDERAL, HR 6420, S 3987
        – – Compliance deadline postponed, 825
        – – Exclusions
          See LEGISLATION, FEDERAL, S 3416
        – – Licensed health care professionals group's letter to FTC, 167
        – – Temporary exemption, 897
        – – Tenn. Medical Ass'n guidance, 88
      – Federal employee health claims database, OPM notice, 1387; letter expresses concerns, 1531; OPM delays launch, 1590; OPM to issue revisions, 1727
      – Germany, drugstore chain retained worker health data, 141
      – Hacking, La. EMT database, 1567
      – HIPAA
      – HIV status, hospital discovery barred (Cal. Ct. App.), 1428
      – Hospital Medicare compliance records subject to disclosure, 1542
      – Human research subjects, Swedish researcher destroyed data (ECHR), 1539
      – Improper disposal of patient records, urgent care center (N.C. Super. Ct.), 794
      – Internet marketing practices (FTC), 1647
      – Italy, DPA annual report, 984
      – Long term care worker background check program, 868
      – Medical marijuana, workplace policies, Special Report, 727
      – Mental health, prescribing data (Mass.), 1282
      – Mobile technology developers, 1649
      – Newborn blood samples
        – – HHS seeks comments on state programs, 662
        – – Minn. (Minn. Ct. App.), 1251
        – – Tex. to destroy spot cards (W.D. Tex.), 61
      – Nurse named during NLRB hearing, state privacy rights (Pa. Super. Ct.), 60
      – OECD panel, data collection, opt-out basis, 1700
      – Ontario DPA annual report, 715
      – Reforms
        – – Federal legislation
          See LEGISLATION, FEDERAL, HR 3590, HR 3962
        – – N.C. Blues do-not-call violations, settlement, 176
      – Research subject withdraws from study, 1389
      – Social networking websites
        – – AMA policy on doctor use, 1562
        – – Oakwood Hosp., technician fired after Facebook post, 1199
        – – Physicians-only network, 1387
        – – San Diego are hospital workers fired, 860
      – Spain DPA probe, hospitals, 529; violations, 1431
      – Stroke registry (Tenn. AG), 670
      – TB patient who ignored travel restrictions, privacy claims against CDC (11th Cir.), 1536
      – Tex. negligent hire claim, credit card theft by hospital workers (Tex. Ct. App.), 1332
      – UnitedHealthcare acquisition of Health Net assets, Conn. probe sought, 174
      – Wis., cancer registry disclosure rules, 1175
    HEALTH INFORMATION TECHNOLOGY (HIT)
    HEALTH INFORMATION TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT
    HEALTH INSURANCE
    HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)
      – Claims data clearinghouses as e-records network, 827
      – Cloud computing risks, BNA Insights, 269
      – Criminal violations
        – – Celebrity patient records at UCLA hospital (C.D. Cal.), 92; sentencing, 638
        – – UPMC Shadyside Hosp. worker (W.D. Pa.), 1336
      – Data breach notification rule withdrawn, 1120
      – Data breaches
        – – Kentucky
          – – – Hospitals report missing media, 667
          – – – State jurisdiction despite HIPAA notice (W.D. Ky.), 1280
        – – Okla. Univ. neurology patients, 1464
      – Data security complaints, 1383
      – Dataset research, HHS seeks de-identification tester, 67
      – Disclosure for treatment purposes (Tenn. Ct. App.), 440
      – Doctors, ex parte contacts
        – – Georgia (Ga.), 839
        – – Kan. (D. Kan.), 1655
        – – Michigan (Mich.), 1099; (U.S., rev sought), 1502
        – – Nonparty providers (Mo.), 1258
      – HHS rules, release next year, 1727
      – HITECH Act
        – – Business Associate rule, OMB review, 549
        – – Community health centers, brief on effects, 439
        – – Disclosure accounting, HHS seeks public comments, 663; comments received, 758
        – – HHS, semiannual regulatory agenda, 634
        – – Hospital compliance, survey report, 663
        – – “Meaningful use” incentives, 173; final rule, 1043
        – – Open source software, BNA Insights, 446
        – – Penalty increase, comments, 167
        – – State AG enforcement
          – – – Health Net (D. Conn.), 93; BNA Insights, 189; settlement, 1013; Conn. Ins. Dep't penalty, 1565
          – – – Legal Elec. Health Record Summit, 1245
      – Mobile technology developers, 1649
      – Personal health records, CDT report, 1121
      – Privacy and security rules
        – – BNA Insights, 1133; pharmaceutical companies, BNA Insights, 1226
        – – Business associates
          – – – Compliance, BNA Insights, 297
          – – – HHS proposal, 1007; subcontractor burden, 1086; comments received, 1364; compliance recommendations, 1366; final rule expected before Spring, 1383
          – – – Model agreement, 291
          – – – Obligations, BNA webinar, 1193
        – – Civil Rights office enforcement, 717; HHS aims to release next year, 1727
        – – De-identification standard
          – – – BNA Insights, 675
          – – – HHS workshop, 281; 384
          – – – House panel hearing, 1425
        – – HHS Human Research Protections panel comments, 1562
        – – National HIPAA Summit, 256
        – – Research, BNA Insights, 1438
      – Rite Aid improper data disposal, 1117
      – Social networking websites
        – – Oakwood Hosp., technician fired after Facebook post, 1199
        – – San Diego area hospital workers fired, 860
      – Substance abuse data exchange FAQ, 906
      – UnitedHealthcare acquisition of Health Net assets, Conn. probe sought, 174
    HHS
    HIPAA
    HIT (HEALTH INFORMATION TECHNOLOGY)
    HITECH ACT
    HIV
    HOMELAND SECURITY
      See also TERRORISM
      – Aliens and citizenship
      – Anti-terrorism data sharing framework, Atlantic Council forum, 1053; EC mandate to negotiate, 1698
      – Appropriations
        See LEGISLATION, FEDERAL, HR 2892
      – Aviation security, EU-U.S. joint declaration, 146
      – Budget FY2011
        – – Cybersecurity proposal, 227
        – – E-Verify, 228; Mayorkas defends program at House hearing, 430
      – Credit checks used in hiring
        See LEGISLATION, FEDERAL, HR 3149
      – Critical infrastructure
        – – American Clean Energy Leadership Act
          See LEGISLATION, FEDERAL, S 1462
        – – Cybersecurity Act
          See LEGISLATION, FEDERAL, S 773
        – – Global problem requiring cooperation, CSIS panel, 230
        – – Grid Reliability and Infrastructure Defense (GRID) Act
          See LEGISLATION, FEDERAL, HR 5026
        – – House Homeland Security Comm. draft, 1275
        – – McAfee owners and operators survey, 171
        – – NRC and NERC meeting, electric grid protections, 439
        – – Smart grid
          – – – Cal. utilities, privacy and data security, comments, 393; deployment guidance, 982
          – – – Cybersecurity standards, 183; NIST draft report, 289; House science panel hearing, 1008; NIST report released, 1275
          – – – DOE public roundtable session, 978; report, 1397
          – – – House science panel hearing, 1008
          – – – Privacy and security safeguards, 235
      – Customs broker confidentiality, 1542
      – Cybersecurity
        – – Critical infrastructure
          See Critical infrastructure, this heading
        – – DHS outlines history and status of efforts, 365
        – – DOD memorandum of understanding, 1426
        – – Enhancement Act
          See LEGISLATION, FEDERAL, HR 4061
        – – Financial services MOU, 1691
        – – Homeland Security Cyber and Physical Infrastructure Protection Act
          See LEGISLATION, FEDERAL, HR 6423
      – Data mining
        – – Constitution Project report, 1725
        – – Report to Congress, 55
      – Employment eligibility verification
      – 9/11 Commission recommendations, progress report, 1098
      – Over-classification of documents
        See LEGISLATION, FEDERAL, HR 553
      – Privacy Office, new director named, 1434
      – Real ID Act compliance deadline extension, 10
      – Record systems, DHS proposes Privacy Act exemptions, 364
      – Rehabilitation Act violation (S.D. Cal.), 763
      – South Africa state secrets bill, 986
      – US-CERT
        – – DHS IG report, 1288
        – – IG report, 907
      – Warrantless searches of mobiles devices, ACLU suit (E.D.N.Y.), 1279
    HONG KONG
      – APEC cross-border privacy enforcement pact, 1254
      – Closed circuit television surveillance guidance, 1132
      – Data breach guidance, 952
      – Data protection enforcement, legislation needed, 1287
      – Google Street View WiFi data collection, 772; pact formalized, 910; probe closed, 1172
      – Personal data ordinance, government consultation report, 1461; business concerns, 1664
      – Privacy Comm'r named, 1173
      – Privacy impact assessment guide, 1131
      – Smart card firm, data sharing halted, 1129; government consultation report, 1461; Octopus investigation report, 1462
    HUMAN RESEARCH SUBJECTS
      – Biological specimens, informed consent, 1728
      – Data retention, research subject withdraws from study, 1389
      – Genetic research, informed consent of test subjects, 1390
      – HIPAA Privacy Rule, BNA Insights, 1438; HHS panel comments, 1562
      – HITECH Act breach notice requirements, 664
      – Sweden, researcher destroyed data (ECHR), 1539
    HUNGARY
      – Whistleblowers rules, BNA Insights, 1741

Contact the Webmaster at webmaster@bna.com
 1801 S. Bell Street, Arlington, VA 22202 - Phone: 1-800-372-1033

Copyright © The Bureau of National Affairs, Inc. All Rights Reserved.