Recent guidance issued by the Department of Health and Human Services (“HHS”) clarifies the extent to which cloud service providers are subject to the privacy, security, and breach notification rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
Last month, in Galaria v. Nationwide Mutual Insurance Co., Nos. 15-3386/3387 (6th Cir. Sept. 12, 2016), the Sixth Circuit issued a decision finding standing for a class of plaintiffs in a data breach class action.
The Second Circuit recently certified three questions regarding who may be held liable under New York State Human Rights Law Section 296(15) which prohibits discrimination on the basis of a criminal conviction record.
National Cyber Security Awareness Month begins this week. Each October, the Department of Homeland Security kicks off a national public awareness campaign that encourages businesses and individuals to take steps to protect themselves from cyber threats.
Employers face the dual struggle of protecting the safety of their workforce and their products while simultaneously complying with laws addressing background check information. On one hand, it can be a risk to hire a candidate with a concerning criminal background. On the other hand, missing a technical step in the various laws could lead to devastating and expensive liability.