Bryan Cave is proud to present the third version of our in-house counsel’s guide to data privacy and security. The guide provides an overview of laws relevant to a variety of data matters topics, statistics that illustrate data privacy and security issues, and a breakdown of these data-related issues. It covers a range of privacy and security issues that apply in the HR and employee benefits areas, including HIPAA compliance and enforcement.

You may download a copy of the 2018 guide by clicking here.

The facts surrounding the Anthem breach continue to evolve as does Anthem’s handling of the situation.

Based on the current status of the investigation, and Anthem’s current reactions to the incident, there are steps which group health plan sponsors should consider taking to fulfill their own HIPAA and fiduciary obligations with respect to group health plans affected by the Anthem breach. These steps include the following:

• Have business associate agreements and other relevant documents reviewed to assess the plan sponsor’s rights and obligations with respect to the breach.
• Request from Anthem:
  • additional information about the breach;
  • confirmation concerning the steps that will be taken to protect the plan sponsor’s employees and affected individuals;
  • more extensive victim protection, client indemnification, and paid notification than Anthem is currently proposing to offer; and
  • confirmation that any state notification requirements will be satisfied on behalf plans