On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more
On Oct. 6, 2014, a final rule issued jointly by the Centers for Medicare & Medicaid Services (CMS), Centers for Disease Control and Prevention (CDC), and Office for Civil Rights (OCR) will require all HIPAA-covered labs...more
In response to providers being unable to fully implement 2014 Edition certified electronic health record technology (CEHRT) due to limited availability, CMS adopted changes proposed earlier this year through a final rule...more
Business associate agreements that have not already been updated as required by the HIPAA Omnibus Rule should be updated by September 22, 2014.
The Omnibus Rule changed and added mandatory language for valid business...more
On July 23, 2014, the Massachusetts attorney general announced a settlement with Women & Infants Hospital of Rhode Island (WIH) over the loss of unencrypted backup tapes. WIH agreed to pay $150,000 and undertake numerous...more
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued two reports to Congress, as required by the HITECH Act. The compliance report details OCR’s enforcement activities for 2011 and 2012 and...more
The Department of Health and Human Services’ Substance Abuse and Mental Health Services Administration (SAMHSA) is considering significant changes to the “Part 2” regulations (the Confidentiality of Alcohol and Drug Abuse...more