Amy C. Pimentel

Subscribe to Amy C. Pimentel's Posts
Amy C. Pimentel focuses her practice on privacy and data security and general health law. Her clients operate in a variety of industries, including health care, consumer products, retail, food and beverage, technology, banking and other financial services. Read Amy Pimentel's full bio.

The Continuing Disconnect between the Health Care Industry and OCR on HIPAA’s Risk Analysis Requirement


By , and on May 6, 2018
Posted In Cybersecurity, Data Privacy, Telehealth

Lack of a sufficient risk analysis continues to be one of the most commonly alleged violations in Office for Civil Rights (OCR) HIPAA enforcement actions, appearing in half of all OCR settlements announced in the last 12 months and in almost all of the $1 million-plus settlements during that time period. Significant confusion remains across...

Continue Reading



Order now: The Law of Digital Health Book


By , , , , , , , , , , , and on Mar 20, 2018
Posted In Big Data, Cloud, Consumer Protection, Data Privacy, General Interest, Telehealth

Designed to provide business leaders and their key advisors with the knowledge and insight they need to grow and sustain successful digital health initiatives, we are pleased to present The Law of Digital Health, a new book edited and authored by McDermott’s team of distinguished digital health lawyers, and published by AHLA. Visit www.mwe.com/lawofdigitalhealth to order this...

Continue Reading



Does GDPR Regulate My Research Studies in the United States?


By , and on Feb 7, 2018
Posted In Big Data, Consumer Protection, Data Privacy, Workplace Privacy

The General Data Protection Regulation (GDPR) establishes protections for the privacy and security of personal data (Personal Data) about individuals in the European Union (EU) single market countries, and potentially affects the clinical and other scientific research activities of academic medical centers and other research organizations in the United States. This On the Subject includes...

Continue Reading



Irish Court Casts Serious Doubt on EU Model Clauses


By , , , and on Oct 17, 2017
Posted In Cybersecurity, Data Privacy, Data Transfers/Safe Harbor/Privacy Shield

The validity of Model Clauses for EU personal data transfer to the United States is now in real doubt as a result of a new Irish High Court judgment stating that there are “well founded grounds” to find the Model Clauses invalid. The issue of Model Clauses as a legitimate data transfer mechanism will now...

Continue Reading



The Department of Transportation Helps Clear the Road for Autonomous Vehicles


By , and on Sep 27, 2017
Posted In Cybersecurity, Data Privacy, General Interest

The US Department of Transportation’s National Highway Traffic Safety Administration recently released A Vision for Safety 2.0, an update to its prior guidance on automated driving systems. The new guidance adopts a voluntary, flexible approach to regulation of automated driving systems and clarifies that it alone, and not the states, is responsible for regulating the...

Continue Reading



Regulating the Internet of Toys


By on Jul 28, 2017
Posted In Consumer Protection, Cybersecurity, Data Privacy, General Interest

New technologies and the expansion of the Internet of Things have allowed children of this generation to experience seamless interactive technologies through microphones, GPS devices, speech recognition, sensors, cameras and other technological capabilities. These advancements create new markets for entertainment and education alike and, in the process, collect endless amounts of data from children–from their...

Continue Reading



The TCPA: An Unexpected Deterrent to Patient Engagement Tools


By on Mar 31, 2017
Posted In Advertising & Marketing, Consumer Protection, General Interest, Telehealth, Text Messaging

In an age where providers are increasingly taking the management of their patient’s health online and out of the doctor’s office, the creation of scalable and nimble patient engagement tools can serve to improve patient experience, health care outcomes and health care costs. While the level of enthusiasm for these tools is at an all-time...

Continue Reading



ECJ Confirms Dynamic IP Address May Constitute Personal Data But Can Be Logged to Combat Cyberattacks


By and on Oct 31, 2016
Posted In Cybersecurity, Data Privacy, Data Transfers/Safe Harbor/Privacy Shield, General Interest

On 19 October 2016, the European Court of Justice (ECJ) held (Case C-582/14 – Breyer v Federal Republic of Germany) that dynamic IP addresses may constitute personal data. The ECJ also held that a website operator may collect and process IP addresses for the purpose of protecting itself against cyberattacks, because in the view of...

Continue Reading



The Privacy Shield: September 30, 2016, Deadline for Early Self-Certification Offers Compliance Opportunity and Risk


By , and on Sep 6, 2016
Posted In Data Privacy, Data Transfers/Safe Harbor/Privacy Shield

The European Commission recently determined that the Privacy Shield Framework is adequate to legitimize data transfers under EU law, providing a replacement for the Safe Harbor program. The Privacy Shield is designed to provide organizations on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data...

Continue Reading



FTC Report Alerts Organizations about the Risks and Rewards of Big Data Analytics


By on Jan 25, 2016
Posted In Big Data, Consumer Protection, Data Privacy

On January 6, the Federal Trade Commission (FTC) released a report that it hopes will educate organizations on the important laws and research that are relevant to big data analytics. The report, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues, looks specifically at how big data is used after it is collected...

Continue Reading



STAY CONNECTED

TOPICS

ARCHIVES

2021 Chambers USA top ranked firm
LEgal 500 EMEA top tier firm 2021
U.S. News Law Firm of the Year 2022 Health Care Law