Data Privacy Monitor

Data Privacy Monitor

Commentary on Data Privacy & Information Security Subjects

Monthly Archives: July 2011

New Indian Privacy Law Impacts U.S. Companies

Posted in International Privacy Law
In the United States, India is synonymous with outsourced data processing services and customer service call centers for credit card issuers, banks and retailers.  The flow of data between the two countries has been unrestricted and, to a large extent, unregulated.  This has now been changed. In April 2011, India adopted new privacy regulations known … Continue Reading

HHS to Propose New Privacy Standards for Human Research Subjects

Posted in HIPAA/HITECH
The Department of Health and Human Services (HHS) provided an Advanced Notice of Proposed Rule Making (ANPRN) on July 22, 2011, to enhance protections for medical research subjects, including standards around privacy and data security. The ANPRN seeks comments on how better to protect human research subjects while facilitating valuable research. The current Common Rule … Continue Reading

SAFE Data Act Approved by House Subcommittee

Posted in Data Breach Notification Laws, Federal Legislation
The House Subcommittee on Commerce, Manufacturing, and Trade, chaired by Rep. Mary Bono Mack (CA), approved the Secure and Fortify Electronic Data Act (H.R. 2577) (SAFE Data Act) following lengthy debate on July 20, 2011.  The SAFE Data Act contains information security requirements and breach notice obligations consistent with Rep. Bono Mack’s statements following the … Continue Reading

New HIPAA Access Report: Proceed with Caution

Posted in HIPAA/HITECH
We previously reported on the HIPAA Proposed Rule on Accounting of Disclosures and the new Access Report requirements. Further analysis of the proposed rule raises additional concerns for healthcare entities and providers. As a reminder, the Access Report requirements will mandate that, upon a patient’s request, a covered entity or business associate must provide an … Continue Reading

HIPAA Audits ARRA Coming! Is your PHI Secure?

Posted in Breach Notification, Data Breach Notification Laws, HIPAA/HITECH
In the growing world of RAC audits, Voluntary Disclosure Protocols, IRS Form 990 disclosures, “Never Events” and HIPAA breach notifications, there is a new kid on the block in the area of federal audit and oversight for health care providers, health plans and their business associates under the health information privacy and security provisions of … Continue Reading

Restrictions on Commercial Advertising Speech in Vermont Data Mining Law Violate First Amendment

Posted in Behavioral Advertising, Privacy
As we briefly discussed here, on June 23, 2011, the U.S. Supreme Court in Sorrell v. IMS held that a Vermont statute restricting the sale, disclosure and use of pharmacy records containing the prescribing practices of doctors for marketing purposes by pharmaceutical companies violated the First Amendment’s protection of commercial advertising speech.  From a commercial advertising … Continue Reading

Focus on Advertising to Children

Posted in Behavioral Advertising, COPPA, Online Privacy
The Interagency Voluntary Working Group on Food Marketed to Children released Preliminary Proposed Nutrition Principles to Guide Industry Self-Regulatory Efforts to improve the nutritional profile of foods marketed to children in April 2011.  Today, FTC Commissioner David Vladeck addressed 12 myths about the recommendations, including: (1) providing reassurance that the guidelines do not provide a … Continue Reading