News

HealthData Management Article Discusses Blog Post by Randy Gainer on ONC Security Tool

An article in Health Data Management magazine (“ONC Needs to Improve Risk-Rating Features of New Security Tool,” April 16, 2014) discussed “the risk-rating features of a tool developed by the Office of the National Coordinator for Health IT to help healthcare providers in small to medium sized physician offices conduct security risk assessments (SRA).” Referencing an April 9, 2014, post by Randy Gainer on BakerHostetler’s blog, Data Privacy Monitor, the article reported that the tool needs improvement. The article quotes Gainer’s assessment that "the tool offers incomplete guidance regarding why the risks associated with each requirement should fall into the 'Low' category as opposed to the 'Medium' or 'High' category. Users are left to guess whether failing to comply with a requirement would have a low, medium, or high likelihood of affecting the confidentiality, integrity, or availability ePHI, and whether the impact of such an effect would be 'Low,' 'Medium,' or 'High.'"

Read the article.

Blog

In The Blogs

Previous Next
Data Counsel
Employee Training and Record-Keeping Requirements in the Final CCPA Regulations and a Preview of New Retention Requirements in the CPRA
By James A. Sherer, Nichole L. Sterling
September 15, 2020
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s final CCPA...
Read More ->
Data Counsel
Return to Work: What Employers Should Know About AB 1281, CCPA Notice Requirements and Recent Labor Law Guidance
By Alan L. Friel, Jeewon K. Serrato, Catrina W. Wang
September 8, 2020
While most privacy news and alerts have been focused on the collection and processing of customer data (see our earlier posts about interest-based advertising and the House Judiciary Committee’s Antitrust Hearing with Big Tech, for...
Read More ->
Data Counsel
Podcast: CA Privacy Law Reboot – CCPA 2.0
August 27, 2020
The California Privacy Rights Act (CPRA) is going to be on the November 3 ballot. The CPRA would amend the California Consumer Privacy Act (CCPA) to provide a greater level of rights for consumers and more stringent restrictions on data...
Read More ->
Data Counsel
IAB Launches CCPA Benchmark Survey
By Taylor A. Bloom, Kyle R. Fath, Gerald J. Ferguson, Alan L. Friel, Linda A. Goldstein
August 27, 2020
The Interactive Advertising Bureau (IAB), a leading advertising industry organization, has launched a CCPA Benchmark Survey to assess how companies across the digital advertising ecosystem are approaching CCPA compliance. The survey...
Read More ->
Data Counsel
CCPA Final Regulations, with a Few Unexpected Changes
By Taylor A. Bloom, Stanton P. Burke, Kyle R. Fath, Alan L. Friel, Jeewon K. Serrato, Catrina W. Wang
August 19, 2020
On Friday, August 14, 2020, California Attorney General Xavier Becerra announced approval by the Office of Administrative Law (OAL) of final regulations (Final Regs) under the California Consumer Privacy Act (CCPA). Proposed final...
Read More ->