Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

KickerFeaturesSectionsNews

'Information Security 101'

BY Jennifer Willcox
May 25, 2005

Recent headlines have reported a startling number of security breaches and information thefts. A major university notified 120,000 of its alumni after a computer containing fundraising information including addresses and Social Security numbers was hacked by an unknown intruder; a subsidiary of the Lexis Nexis group announced that the records of 32,000 individuals may have fallen into the hands of thieves using the passwords of legitimate subscribers; Bank of America reported the loss of backup tapes containing the financial records of up to 1.2 million federal employees; payroll outsourcer PayMaxx faced allegations that it had exposed 25,000 customer records, including W-2 information, online; and cell phone provider T-Mobile released information about a hacker who was able to exploit a security weakness in a commercial software package to access customer records, sensitive government documents, private e-mail and candid celebrity photos.

These stories have caught the attention of federal lawmakers, who are proposing legislation to address the security vulnerabilities in a world where personal data is increasingly available through digital media. But computer security is already a matter of law for many companies that provide health benefits for their employees. April 20, 2005 was the effective date for regulations regarding the security of electronic health information under the Health Insurance Portability and Accountability Act of 1996 (HIPAA Security Rule). (Note, “Small health plans,” or those with less than $5 million in receipts, have an additional year to comply [April 20, 2006]. For further information on how to calculate “receipts” in determining whether your plan is “small,” go to the Centers for Medicare and Medicaid Services [CMS] HIPAA Web site: www.cms.hhs.gov/hipaa/ hipaa2 /default.asp, select “Frequently Asked Questions” and then search for “small health plans.”) As was the case with the HIPAA Privacy requirements that went into effect in April 2003, all individual or group health plans that provide or pay for the cost of health care are covered. This means employer-sponsored medical plans, medical expense reimbursement accounts, and any separate dental and vision plans, whether provided through the purchase of insurance (fully insured plans) or paid directly out of company assets (self-insured plans).

Information Covered By the HIPAA Security Rule

Read These Next
Yachts, Jets, Horses & Hooch: Specialized Commercial Leasing Models Image

Defining commercial real estate asset class is essentially a property explaining how it identifies — not necessarily what its original intention was or what others think it ought to be. This article discusses, from a general issue-spot and contextual analysis perspective, how lawyers ought to think about specialized leasing formats and the regulatory backdrops that may inform what the documentation needs to contain for compliance purposes.

Hyperlinked Documents: The Latest e-Discovery Challenge Image

As courts and discovery experts debate whether hyperlinked content should be treated the same as traditional attachments, legal practitioners are grappling with the technical and legal complexities of collecting, analyzing and reviewing these documents in real-world cases.

Identifying Your Practice's Differentiator Image

How to Convey Your Merits In a Way That Earns Trust, Clients and Distinctions Just as no two individuals have the exact same face, no two lawyers practice in their respective fields or serve clients in the exact same way. Think of this as a "Unique Value Proposition." Internal consideration about what you uniquely bring to your clients, colleagues, firm and industry can provide untold benefits for your law practice.

Risks and Ad Fraud Protection In Digital Advertising Image

The ever-evolving digital marketing landscape, coupled with the industry-wide adoption of programmatic advertising, poses a significant threat to the effectiveness and integrity of digital advertising campaigns. This article explores various risks to digital advertising from pixel stuffing and ad stacking to domain spoofing and bots. It will also explore what should be done to ensure ad fraud protection and improve effectiveness.

Turning Business Development Plans Into Reality Image

This article offers practical insights and best practices to navigate the path from roadmap to rainmaking, ensuring your business development efforts are not just sporadic bursts of activity, but an integrated part of your daily success.