On July 1, 2024, the U.S. Department of Health and Human Services (“HHS”) Office For Civil Rights (“OCR”) announced a $950,000 settlement with Heritage Valley Health System (“Heritage Valley”) and a three-year Corrective...more
7/17/2024
/ Compliance ,
Corrective Action Plans (CAPs) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Violations ,
OCR ,
Ransomware ,
Settlement
On April 22, 2024, the U.S. Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a final rule to support reproductive health care privacy (the “Reproductive Rule”). According to the HHS OCR...more
On February 6, 2024, the HHS Office for Civil Rights (“OCR”) announced a settlement with Montefiore Medical Center (“MMC”) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more
In early November, the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) released its General Compliance Program Guidance (the Guidance). This was HHS OIG’s first update since 2008....more
On September 29, 2015, the Office of Inspector General (OIG) released two reports that reviewed the Office of Civil Rights’ (OCR) enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The...more
On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more
9/4/2015
/ Breach Notification Rule ,
Compliance ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
De-Identified Protected Health Information ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personally Identifiable Information ,
PHI ,
Popular ,
Privacy Policy ,
Settlement Agreements
St. Elizabeth’s Medical Center (SEMC), a tertiary care hospital based in Brighton, Mass., agreed to pay $218,400 to address deficiencies in its HIPAA compliance activities. The SEMC settlement continues a pattern of...more
The federal government invests significant resources in combating health care fraud and abuse. The U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) recently released its Strategic Plan...more
The September 23, 2013 deadline for covered entities, business associates and their subcontractors to comply with new HIPAA rules is fast approaching....more
The final regulations implementing the Physician Payments Sunshine Act take effect April 9, 2013. Pharmaceutical manufacturers, group purchasing organizations, academic medical centers and physicians need to be ready to...more