On January 9, 2017, the U.S. Department of Health and Human Services (“HHS”) announced its first enforcement action under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) involving delayed data breach reporting.  HHS settled alleged violations of the HIPAA breach notification rule committed by Presence Health, one of the largest health care networks in Illinois.  The settlement agreement called for Presence Health to pay $475,000 and to adopt a corrective action plan.  This settlement underscores the importance of understanding your organization’s HIPAA policies and procedures, and raises several practical considerations going forward.

Recent guidance issued by the Department of Health and Human Services (“HHS”) clarifies the extent to which cloud service providers are subject to the privacy, security, and breach notification rules under  the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  

On May 11, 2016, President Obama signed into law the Defend Trade Secrets Act of 2016 (DTSA).  Among other things, the DTSA provides immunity to individuals who disclose trade secrets in the course of  a whistleblower retaliation lawsuit, provided the trade secrets are filed under seal, or who disclose trade secrets to the government and/or an attorney solely for the purpose of reporting or investigating a suspected violation of the law.

On November 16, 2015, an NLRB Administrative Law Judge issued a decision ordering Wingate Healthcare, Inc. to recognize and bargain with 1199 SEIU United Healthcare Workers East, after the union engaged in an unsuccessful organizing campaign at Wingate’s nursing home facility in Fishkill, New York. In sum, the Judge determined that Wingate engaged in unfair labor practices by, among other things, interrogating and threatening employees who supported the union, and conducting surveillance of employees’ union activities. Given the severe nature of the unfair labor practices, such as threats to employees, the Judge determined that a new election could not be freely and fairly conducted and issued the bargaining order. The full text of the decision can be found here.  

On October 21, 2015, the United States Court of Appeals for the Second Circuit issued a decision finding that Triple Play Sports Bar and Grille violated the National Labor Relations Act (“Act”) when it fired two employees for airing their criticisms on Facebook.  This is the latest in a string of recent decisions finding that an employee’s online “speech” is protected concerted activity under the Act in some circumstances.