Annual Data Breach Report Due by February 29

Trending News

It’s the Final Countdown – The Final PWFA Regs Are Here

Corporate Transparency Act – Continued Developments

Healthcare Preview for the Week of: April 15, 2024 [Podcast]

SCOTUS Declines to Review New York City’s Rent Stabilization Law

Trending in Telehealth: April 2 – April 8, 2024

New CFIUS Rules to Enhance Enforcement and Investigation Activities

Chanel Seeks Permanent Injunction Against WGACA

EPA Finalizes National Primary Drinking Water Regulation for Certain PFAS

GeTtin' SALTy Episode 26 | Catch-up with Jared Walczak at the Tax Foundation, with a Focus on Property Tax Relief

Safety Perspectives From Region 6: OSHA’s New Walkaround Rule [Podcast]

Linn F. Freedman

Email

401-709-3353

Bio and Articles

Yearly Data Breach Reporting Due to OCR by February 29

by: Linn F. Freedman of Robinson & Cole LLP - Data Privacy + Security Insider

Thursday, February 20, 2020

Print Mail Download

i

Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500 individuals and have not already been self-reported within 60 days following the calendar year. That means that covered entities are required to provide notification to the OCR of data breaches under 500 by February 29, 2020. So this deadline is not missed, many covered entities elect to provide notification to the OCR simultaneously with individual notice, no matter how many individuals are involved.

For those covered entities that wait until the end of the year to report smaller data breaches, now is the time to access the OCR website and report those incidents. The OCR self-reporting website can be accessed here.

Current Legal Analysis

Regulatory Update and Recent SEC Actions April 2024

by: Thomas R. Westle

Justice Department has Opportunity to Revolutionize its Enforcement Efforts with Whistleblower Program

by: Stephen M. Kohn

PTO Cash-Outs and Constructive Receipt

by: Al Ward , Kirsten L. Vignec

Business Taxation of Hedging Transactions Part III: Identification Requirements and Aggregate Hedging

by: Andie Kramer

Misapplication of Complete Auto

by: Nicole L. Johnson

More from Robinson & Cole LLP

Privacy Tip #394 – Colorado Amends Privacy Law to Include Neurodata

by: Linn F. Freedman

New Threat: Scattered Spider International Coalition of Hackers

by: Linn F. Freedman

Joint Guidance Published by Five Eyes on Deploying AI Systems Securely

by: Linn F. Freedman

U.S. Government Intervenes in Case Alleging Unauthorized Disclosure of CUI

by: Data Privacy & Cybersecurity Robinson Cole

DoorDash Settles with California Attorney General for Alleged Violations of the CCPA

by: Kathryn M. Rattigan

The State of AI Governance and Diversity: Takeaways from the AI Index Report

by: Blair V. Robinson

Weight Loss, Miracle Medications & the Workplace

by: Abby M. Warren

Additional States Implement Notice Requirements for Healthcare Transactions

by: Leslie J. Levinson , Danielle H. Tangorre

Privacy Tip #393 – Phishing, Smishing, Vishing and Qrishing Schemes Continue to Dupe Users

by: Linn F. Freedman

Congress Introduces Promising Bipartisan Privacy Bill

by: Blair V. Robinson

Upcoming Legal Education Events

Jun

4

2024

FinTech and Securities Trading Platforms

May

15

2024

Capital Connect: Finance & Funding in Life Sciences

May

14

2024

Harmonizing TSCA Consent Orders with OSHA HCS 2012

May

7

2024

FinTech and Employment Law

Print