After failed attempts in years past, on April 28, 2022, Connecticut became the fifth state to pass a consumer data privacy bill. It is headed to the Governor’s desk for signature, and he is expected to sign. Entitled “An Act Concerning Personal Data Privacy and Online Monitoring,” it enjoyed bipartisan support passing unanimously in the […]
Author Archives: Dena M. Castricone, CIPP/US, CIPM
Three dentists and a psychiatrist walk into a bar . . . and they each walk out with a five-figure tab for HIPAA compliance failures. It’s not funny, but the five-figure payment part is true and there’s a lot to be learned from their mistakes. The Department of Health and Human Services’ Office for Civil […]
DMC Law is launching Privacy Pointers, which features short and informative videos on various privacy topics. We begin Privacy Pointers with a series of videos on HIPAA’s Right of Access. There are six videos in this series that explore important aspects of the Right of Access. Each video is no more than 5 minutes in length. […]
This article appeared in the March/April 2022 volume of CT Lawyer Magazine As an attorney who has spent most of my career practicing in privacy and healthcare, I had never considered the possibility of that I may one day serve on the Citizen’s Ethics Advisory Board (CEAB). The CEAB has nine members appointed by the […]
A federal district court in Texas issued an opinion on February 23, 2022 (Decision) in which it concluded that the involved governmental agencies made some significant missteps in promulgating regulations under the No Surprises Act (NSA). The NSA took effect on January 1, 2022 and establishes federal protections against surprise medical bills. The law and […]
Here it is! My annual summary of HIPAA enforcement action resolutions. I know you all have been eagerly awaiting its arrival. No plot twists or surprises this year – the enforcement themes are much the same as those in 2020. As I explain below, Right of Access was again the star.
Today, the Connecticut Attorney General’s office announced that it created an online form for data breach reporting. According to the CT AG’s office, “[t]he need for a standardized, online submission form was also motivated by recent amendments to Connecticut’s data breach notification statute.” Those amendments, which took effect on October 1, 2021, include a broadened definition of personal information and a reduced timeframe for notification and reporting from 90 days to 60 days.
Effective January 1, 2022, healthcare providers and facilities will be subject to the No Surprises Act (NSA), which establishes federal protections against surprise medical bills. While there are several parts of the NSA that impact some but not all healthcare providers or facilities (e.g., balance billing prohibitions), the requirement to provide good faith estimates (GFEs) […]
On our second anniversary, I want to reflect on and celebrate the growth over this past year. DMC Law started 2021 as a company of one. We are ending the year as a team of four; four fiercely dedicated, intelligent and hard-working women who love working together. Meet the team.
Yesterday, the Department of Health and Human Services’ Office for Civil Rights announced the resolution of five more HIPAA Right of Access claims. That brings the total number of Right of Access resolutions this year to 12 (including a civil monetary penalty), edging out last year’s total of 11. As for settlement and penalty amounts, the Right of Access total for 2021 has surpassed 2020 by more than $300,000.