PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

An Overview of Privacy Law in 2022

Free download of Chapter 1 of PRIVACY LAW FUNDAMENTALS (6th ed. 2022) An Overview of Privacy Law The chapter covers the types of privacy law, provides a list of US federal privacy laws, and includes an historical timeline of major developments in privacy law.

New 2022 Edition of PRIVACY LAW FUNDAMENTALS

Book - Privacy Law Fundamentals - Solove Schwartz 02a

I am pleased to announce that Professor Paul Schwartz and I have just published a new 6th edition of our book, PRIVACY LAW FUNDAMENTALS.  Now in a new 6th edition for 2022, PRIVACY LAW FUNDAMENTALS is a distilled guide to the essential elements of U.S. data privacy law. In an easily-digestible format, the book covers […]

Is HIPAA Enforcement Too Lax?

By Daniel J. Solove ProPublica has been running a series of lengthy articles about HHS Office for Civil Rights (OCR) enforcement that are worth reading. A Sustained and Vigorous Critique of OCR HIPAA Enforcement A ProPublica article from early in 2015 noted that HIPAA fines were quite rare. The article noted that from 2009 through […]

Blogging Highlights 2015: Health Privacy+Security Issues

HIPAA Training

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts about health privacy and security: Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents

Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents

By Daniel J. Solove Whenever I go to a doctor and am asked what I do for a living, I say that I focus on information privacy law. “HIPAA?” the doctors will ask. “Yes, HIPAA,” I confess. And then the doctor’s face turns grim.  At first, it looks like the face of a doctor about […]

Patient Access to Medical Records Under HIPAA: Significant Reform Needed

by Daniel J. Solove Recently, I wrote about the challenges in accessing health information about family members.  In this post, I will explore patients’ access to their own medical records. HIPAA doesn’t handle patient access to medical records very well. There are many misunderstandings about patient access under HIPAA that make it quite difficult for […]

HIPAA’s Friends and Family Network: Access to Health Information

by Daniel J. Solove Suppose your elderly mother is being treated at the hospital for a heart condition. Your mother tells her doctor that you can have access to her health information. The doctor, however, doesn’t disclose the information to you. The doctor thinks that you can only have the information with a signed written […]

New Resource Page: Text of HIPAA’s Training Requirements

by Daniel J. Solove I recently created a new resource page for the TeachPrivacy website: Text of HIPAA’s Training Requirements.  This page provides excerpts of the training provisions in the HIPAA Privacy Rule and the HIPAA Security Rule. This page is designed to be a useful companion page to our resource page, HIPAA Training Requirements: […]

Health Data Security in Crisis, Phase 2 Audits, and Other HIPAA Privacy + Security Updates

By Daniel J. Solove Co-authored with Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. We have split the health/HIPAA material from our updates on other topics. To see our updates for other topics, click here. For a PDF version […]

Privacy Law: From a National Dish to a Global Stew

By Daniel J. Solove This post is co-authored by Professor Neil Richards The recent case of Google v. Vidal-Hall in the UK has generated quite a buzz, with Omer Tene calling it the “European privacy judicial decision of a decade.” The case illustrates several fascinating aspects of the developing global law of privacy, with big […]