How to Communicate a Data Breach Externally
External communication and notification after a breach is often essential to the public’s perception of the data breach. Whether laws of the jurisdiction mandate notice, or whether the company is taking the initiative to disclose the breach and its impact, communication that is organized and carefully disseminated can minimize confusion, garner goodwill, mitigate damages, and demonstrate transparency and cooperation.
HIPAA and Workplace Wellness Programs
April 30, 2015
by Kimberly C. Metzger, Partner
Many employers offer health and wellness programs to benefit employees and reduce absenteeism and health care costs. These workplace wellness programs may result in the collection and creation of individually-identifiable health information from and about program participants. Do the HIPAA Privacy, Security, and Breach Notification Rules ("HIPAA Rules") apply to this information?