The Centers for Medicare & Medicaid Services (CMS), in conjunction with the HHS Office for Civil Rights (OCR), has recently issued an updated tipsheet on conducting a security risk assessment for health care providers participating in CMS’s Electronic Health Records (EHR) Incentive Programs. To receive incentive payments through the program, providers must demonstrate meaningful use […]
Regulation
NIST’s Preliminary Cybersecurity Framework Could Have Broad Implications for Critical, Non-Critical Infrastructure Alike
On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical […]
Department of Defense Publishes Safeguarding Rule Requiring Contractors to Follow NIST Security Standards, Report Cybersecurity Incidents
On November 18, the U.S. Department of Defense (“DoD”) published a final safeguarding rule (the “UCTI Safeguarding Rule”) applicable to contractors in possession of unclassified yet nonpublic technical information (“UCTI”) that requires them to, at a minimum, satisfy the security controls specified in NIST Special Publication (SP) 800-53 in order to safeguard UCTI. Additionally, the UCTI Safeguarding […]
A+B Privacy Litigation Partner Dominique Shelton Quoted by BNA Bloomberg “Privacy Law Watch”
Several comments made by Dominique Shelton, a partner in the firm’s Litigation & Trial Practice Group, as part of the International Association of Privacy Professionals Privacy Academy in Bellevue, Washington, were included in a BNA Bloomberg Privacy Law Watch article discussing the conference panelists’ discussion on achieving mobile privacy compliance goals. As moderator, Shelton noted that […]
California Adopts Do-Not-Track Disclosure Law: A.B. 370 Amends the California Online Privacy Protection Act (CalOPPA) to Require New Privacy Policy Disclosures for Websites, Online Services and Mobile Apps about Behavioral Tracking
California Governor Brown is preparing to sign into law a new online privacy bill (A.B. 370) approved unanimously (78-0) by the California Assembly on August 26, 2013, having previously passed the California Senate by a vote of 37-0 (with 2 non-votes recorded). The Governor is expected to sign the bill before the expiration of the signing […]