All posts tagged HHS

Waking Up the C-Suite to Privacy and Security Risks

Daniel Solove
Founder of TeachPrivacy

waking up the c suite

by Daniel J. Solove

I was recently interviewed in the Journal of AHIMA on how the C-suite is waking up to the new realities of privacy and data security risks. Before the HITECH Act in 2009, HIPAA enforcement was based on a cooperative model where HHS was not punitive in its approach. Now, big fines are being issued. There is auditing. The climate has changed.

Privacy and security risks are quite costly. This is true not just under HIPAA, but also as a general matter. At many organizations, the C-Suite doesn’t fully appreciate the magnitude of the risk. Back about 10 years ago, for many organizations, privacy and security risks were barely on the radar. Now they are recognized for many organizations, but the significance of the risk is often not fully understood or appreciated.

Continue Reading

The Battle for Leadership in Education Privacy Law: Will California Seize the Throne?

Daniel Solove
Founder of TeachPrivacy

Blank chalkboard and stack of books

by Daniel J. Solove

This post was co-authored by Professor Paul Schwartz, Berkeley Law School.

Education was one of the first areas where privacy was regulated by a federal statute. Passed in the early 1970s, the Family Educational Rights and Privacy Act (FERPA) was on the frontier of federal privacy regulation. But now it is old and ineffective. With the growing public concern about the privacy of student data, states are starting to rev up their engines and become more involved. The result could be game-changing legislation for the multi-billion dollar education technology industry.

Continue Reading