Tag Archives: laws

More Patients Meeting With Doctors Via Web Programs Such as Skype

Physicians using webcams to consult with patients soon could see significant obstacles, as state laws likely will grow more restrictive as technology advances, according to Capistrant.

Physicians must be licensed in the state where their practice is located and in any state where they see patients through videoconferencing. However, Capistrant said that some states have agreements with others to accommodate doctors who see patients across state lines.

In addition, Capistrant said doctors must make sure their communication with patients meets HIPAA security requirements.

via More Patients Meeting With Doctors Via Web Programs Such as Skype – iHealthBeat.

Lawsuit Brewing Against Popular POS Software Provider and Reseller

With evidence mounting of flagrant abuses of PCI-DSS security standards, two attorneys are on the verge of announcing the official filing of a national lawsuit against one of the hospitality industry’s biggest point-of-sale (POS) technology providers and one of its system resellers. The targets of the upcoming legal action will be Restaurant Data Concepts, Inc. of Warwick, Rhode Island – creators of the POSitouch™ system – and CC Productions of Hoboken, New Jersey, the reseller. POSitouch technology is installed in more than 20,000 restaurants nationwide.

via Lawsuit Brewing Against Popular POS Software Provider and Reseller.

Patients Question HIPAA Provision That Allows Use Of Patient Data For Fundraising

The federal law known as HIPAA that is meant to protect the privacy of patients “specifically allows medical centers to use patient information for fundraising activities,” The Seattle Times reports. “Information about diagnosis or treatment is off-limits, but federal and state laws allow hospitals, in most cases, to use a patient's name, address, contact information, dates of hospital service, gender, age and insurance status in fundraising efforts.”

via Patients Question HIPAA Provision That Allows Use Of Patient Data For Fundraising.

AMA and AOA Sue Federal Trade Commission to Exclude Physicians From “Red Flags Rules”

The American Medical Association (AMA) and the American Osteopathic Association (AOA) today filed a lawsuit against the US Federal Trade Commission (FTC) to prevent the agency from subjecting medical practices to identify-theft regulations called “Red Flags Rules.”

via AMA and AOA Sue Federal Trade Commission to Exclude Physicians From “Red Flags Rules”.

New Law Lets Banks Recover Data Breach Costs – www.esecurityplanet.com

Washington last week became the third state to pass legislation that will allow banks to recover certain costs and damages from retailers and credit card processors that suffer data breaches after failing to comply with current Payment Card Industry (PCI) standards.

The law, which goes into effect on July 1 in Washington, follows similar laws passed in the states of Minnesota and Nevada and marks a fundamental change in the way government and private sector industries assign responsibility and accountability for preventing identity theft.

via New Law Lets Banks Recover Data Breach Costs – www.esecurityplanet.com.

Don’t Let Your CRM System Feed the Lawsuit Beast

The best way to avoid PCI audits and headlines about credit card lists leaking to the internet is to not store that data in the CRM system in the first place. Although your customer service reps (CSR) may need to access that data, the CRM system should hold only pointers (external keys) to the system of record for credit card numbers, bank account numbers, payment history, etc

via Don’t Let Your CRM System Feed the Lawsuit Beast.

Restaurant Owners File Lawsuit Over Credit Card Billing Safety Problems – AboutLawsuits.com

Several restaurant owners in Louisiana and Mississippi are suing two companies that provided them with point-of-sale POS computer systems for credit card billing, saying that the systems were unsecure and allowed hackers to steal thousands of customers’ credit card information.

via Restaurant Owners File Lawsuit Over Credit Card Billing Safety Problems – AboutLawsuits.com.

NIST Updates Automated Computer Security Validation Guidelines

The National Institute of Standards and Technology (NIST) has issued a draft publication for public comment that describes changes to the Security Content Automation Protocol (SCAP). SCAP is a suite of specifications that use the eXtensible Markup Language (XML) to standardize how software products exchange information about software flaws and security configurations.

via NIST Updates Automated Computer Security Validation Guidelines.