If you are among the many people turning to video-teleconferencing (VTC) to stay connected during the COVID-19 pandemic, you need to protect yourself from “Zoom-bombing” – the entrance of uninvited individuals into your VTC. The FBI has received multiple reports of conferences being disrupted by offensive images and/or threatening language. The FBI recommends the following steps to mitigate VTC hijacking threats: Do not make meetings or classrooms public: In Zoom, there are two options to…

Security, Privacy and the Law

Christopher Hart Discusses Security in an Unprecedented Time at MassTLC Table Top Panel

By Foley Hoag

March 25, 2020

Christopher Hart, Co-Chair of Foley Hoag’s Privacy and Data Security practice, discusses the data security risks of the present crisis and how to mitigate them in MassTLC’s Virtual Table Top Panel. Click here to listen to the full audio of the program.…

Security, Privacy and the Law

COVID-19 and HIPAA: OCR Guidance on Disclosures to Law Enforcement, First Responders, and Public Health Authorities

By Colin Zick

March 25, 2020

On March 24, 2020, the Office for Civil Rights (OCR) at the Department of Health and Human Services issued guidance on how HIPAA covered entities may disclose protected health information (PHI) about an individual who has been infected with or exposed to COVID-19 to law enforcement, paramedics, other first responders, and public health authorities in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The guidance explains the circumstances under…

Security, Privacy and the Law

Partner Colin Zick Discusses Remote Work and Cybersecurity on WGBH’s In It Together

By Foley Hoag

March 24, 2020

Colin Zick, Co-Chair of Foley Hoag’s COVID-19 Task Force, recently appeared on the WGBH news program In It Together, where he spoke with Arun Rath about the steps companies and individuals can take to protect their sensitive data in an era of remote working and telehealth. Click here to listen to a full recording of the program.…

Security, Privacy and the Law

Enforcement of HIPAA Rules for Telehealth Relaxed Due to COVID-19 Public Health Emergency

By Colin Zick

March 23, 2020

On Friday, March 20, 2020, the Department of Health and Human Services Office for Civil Rights (“OCR”) announced it will “exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency. This notification is effective immediately.” What does this mean? Broad relaxation of HIPAA rules when…

Security, Privacy and the Law

Cybersecurity and Infrastructure Security Agency Identifies Essential Critical Energy Infrastructure Workers During COVID-19 Response

By Carol Holahan

March 20, 2020

On March 19, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) issued its Memorandum on Identification of Essential Critical Infrastructure Workers During COVID-19 Response (“Memo”). The Memo identifies workers who conduct “a range of operations and services that are essential to continued critical infrastructure viability” and who support a wide-spectrum of industries such as medical and healthcare, telecommunications, information technology systems, defense, and energy. As provided by the Homeland Security Act of 2002, CISA is…

Security, Privacy and the Law

March 13, 2020 Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Briefing on Covid-19 and Data Security

By Colin Zick

March 13, 2020

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) just completed a stakeholder security briefing. This was recorded and should soon be available on the CISA website, but in the interim, some key takeaways are: We are in the “initiation phase” of the pandemic, meaning the worst is yet to come (the “acceleration phase”). Covid-19 has been found in 42 states. The presenters declined to comment on the likelihood of mandatory quarantines. Chris …

Security, Privacy and the Law

U.S. Department of Health and Human Services Office for Civil Rights BULLETIN: HIPAA Privacy and Novel Coronavirus

By Colin Zick

March 13, 2020

The coronavirus and Covid-19 are impacting everything and everyone, and certainly health information privacy. Here is a useful summary of health information issues to be mindful of from HHS OCR on HIPAA privacy and the coronavirus/Covid-19. Topics covered in the bulletin include: Sharing Patient Information Disclosures to Family, Friends, and Others Involved in an Individual’s Care and for Notification Disclosures to Prevent a Serious and Imminent Threat Disclosures to the Media or Others Not…

Security, Privacy and the Law

Countdown to CCPA: Foley Hoag Podcast Series Number 3

By Foley Hoag

March 9, 2020

Companies that have already done the work to become GDPR-compliant are a step ahead, but all companies that collect California users’ personal information or just do business in California should check to see whether they are obligated to comply with the CCPA. Foley Hoag’s Privacy & Data Security practice group has more than a decade of experience and deep knowledge in domestic and international privacy law. Our CCPA team, with lawyers admitted to practice in…

Security, Privacy and the Law

Watch – Best Practices: Terms of Service and Privacy Policies

By Foley Hoag

February 27, 2020

Terms of service and privacy policies form the primary legal agreement between your organization and anyone who visits your website, downloads your app, or subscribes to your platform. These agreements are ubiquitous, yet often overlooked by start-ups and established companies alike. And with new privacy laws like GDPR and CCPA affecting businesses globally, understanding how these laws affect your policies and terms is crucial for doing business. Foley Hoag attorneys Christopher Hart and Jessica Turko…

Security, Privacy and the Law

Blog Authors

FBI Warns of Teleconferencing and Online Classroom Hijacking

Christopher Hart Discusses Security in an Unprecedented Time at MassTLC Table Top Panel

COVID-19 and HIPAA: OCR Guidance on Disclosures to Law Enforcement, First Responders, and Public Health Authorities

Partner Colin Zick Discusses Remote Work and Cybersecurity on WGBH’s In It Together

Enforcement of HIPAA Rules for Telehealth Relaxed Due to COVID-19 Public Health Emergency

Cybersecurity and Infrastructure Security Agency Identifies Essential Critical Energy Infrastructure Workers During COVID-19 Response

March 13, 2020 Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Briefing on Covid-19 and Data Security

U.S. Department of Health and Human Services Office for Civil Rights BULLETIN: HIPAA Privacy and Novel Coronavirus

Countdown to CCPA: Foley Hoag Podcast Series Number 3

Watch – Best Practices: Terms of Service and Privacy Policies

Stay Connected

Company

Support

New to the Network