Word of our ‘secret weapon’ is out!Kimi Shah, KKI Partner and Head of our Estate Planning & Wealth Protection team, as a Rising Star.Australasian Lawyer has recognised our very own
Monthly Archives: February 2022
Federal District Court Vacates QPA Rebuttable Presumption Provisions of No Surprises Act Regulations
On February 23, 2022, in the case captioned Texas Med. Ass’n v. U.S. Dep’t of Health & Human Servs., No. 6:21-cv-00425-JDK (E.D. Tex.), the U.S. District Court for the Eastern District of Texas issued the first major judicial decision addressing implementation of the new federal No Surprises Act, which went into effect nationally on January 1, 2022. The Court’s decision significantly alters the landscape for claims qualifying for the No Surprises Act’s Federal Independent Dispute Resolution Process (IDRP), an arbitration process designed to resolve certain reimbursement disputes between commercial payors and out-of-network health care providers or emergency facilities.
The U.S. Cybersecurity and Infrastructure Agency (CISA) has urged a “Shields Up” defense in depth approach, as Russian use of wiper malware in the Ukrainian war escalates. The Russian malware “HermeticWiper” and “Whispergate” are destructive attacks that corrupt the infected computers’ master boot record rendering the device inoperable. The wipers effectuate a denial of service attack designed to render the device’s data permanently unavailable or destroyed. Although the malware to date appears to be manually targeted at selected Ukrainian systems, the risks now escalate of a spillover effect to Europe and the United States particularly as to: (i) targeted cyber attacks including on critical infrastructure and financial organizations; and (ii) use of a rapidly spreading indiscriminate wiper like the devastating “NotPetya” that quickly moves across trusted networks. Indeed, Talos researchers have found functional similarities between the current malware and “NotPetya” which was attributed to the Russian military to target Ukranian organizations in 2017, but then quickly spread around the world reportedly resulting in over $10 billion dollars in damage. The researchers added that the current wiper has included even further components designed to inflict damage.
Cookies Resulting in Cross Border Transfers of Personal Data to the United States Draw Scrutiny from European Data Privacy Regulators
Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through cookies to the United States. The EU Data Protection Authorities (DPAs) found that the use of widely used website technologies (i.e., cookies and java script) to automatically collect identifiers from the users’ devices or through their use of internet protocols (e.g., IP addresses) resulted in the collection of personal data. The DPAs further found that the subsequent transfer of this data to Google servers located in the United States violated EU cross-border data transfer requirements because there were inadequate safeguards under the Schrems II decision invalidating the EU-US Privacy Shield. One notable impact of the decisions is to dismiss the adequacy of encryption technologies where the service provider (such as Google) has access to the cryptographic key and can be compelled to surrender it in order for the data to be decrypted and read by U.S. surveillance authorities. Consideration of the impact of these decisions is critically important for ecommerce and other websites operating in the EU, as well as more generally for organizations that transfer personal data of consumers and employees to the U.S.
Australia has a high uptake of vaccination to COVID-19, partly due to enforceable public health orders at State level which require classes of workers to be vaccinated if they are to work outside of their home.
As at the date of writing, the position is summarised below.
The Federal Government has not mandated vaccination but has endorsed state mandates for vaccination of workers in aged care settings. Read more…
Over the past year, it has become increasingly common for employers in Massachusetts to establish and enforce mandatory COVID-19 vaccination policies. Such policies are legal and appropriate in Massachusetts. Unless required by law (see below), implementation of mandatory vaccination policies is at the discretion of the employer. Other than strict mandatory vaccination requirements for all employees, options include an alternative to vaccination in the form of regular testing, masking and social distancing requirements. Also, depending on such considerations as the nature of your business, the various duties and conditions of employment of your workforce, whether your employees are on site or remote, and whether they interact with the public, it may be reasonable to establish and enforce different policies for different groups of employees. It is recommended that employers carefully consider what makes sense for their needs and the needs of their employees. Read more…
Since its widespread roll out over the past year, the UK Government’s COVID19 vaccination programme has been largely successful. To date, over 70% of the population are fully vaccinated and a vaccination booster programme has now been implemented. Currently, compulsory vaccination only applies to those working in registered care homes in England (n.b. there are some exemptions). Because of the high uptake of vaccination amongst all constituent parts of the UK, it is unlikely that the devolved administrations or the UK Government will extend vaccine mandates to further sectors. Indeed, the trend appears to be going in the opposite direction with the UK Government recently abandoning compulsory vaccination for National Health Service (NHS) staff in England and the Scottish Government halting any extension of their vaccine certification schemes to further venues. Read more…
In the United States, the federal government has faced challenges in imposing vaccination mandates for large private employers, federal contractors, and certain health care employees. Because of that, choices around vaccination mandates have largely been left to private employers, in compliance with state and local laws relating to vaccination status. While some locations have mandated vaccination for private employers (New York City), others have placed restrictions on private employers’ ability to impose vaccine mandate (e. g., Florida, Texas, Utah, etc.). Below is a summary of two of these rules, to show how U.S. jurisdictions are treating vaccine mandates.
Tomorrow is officially the 13th “blogiversary” for Zen & the Art of Legal Networking. At times, it’s difficult to believe that I’ve been writing in this corner of the blogosphere for so long and at other times, it’s flown by. This year in particular has been a lot and it’s hard to find the words to share with you all.
Traditionally, I use this post to either reflect on where we’ve been or what I’ve learned and I appreciate the opportunity to do that each year. It’s not often that we’re able to slow down and take a look back.
CPRA RegulationsRead more…With the January 1, 2023 effective date of the California Privacy Rights Act (CPRA) fast approaching, companies have been eagerly awaiting the publication of CPRA regulations from the new California Privacy Protection Agency (CPPA). The regulations were originally set to be finalized by July 1, 2022 — a date that would have given businesses six months to prepare to comply with the CPRA.