On February 16, 2024, the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a final version of the cybersecurity resource guide (the “Guide”) with respect to the HIPAA...more
On September 23, 2020, the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) announced that CHSPSC LLC, (CHSPSC) agreed to pay $2,300,000 and adopt a Corrective Action Plan (CAP) to...more
On November 5, 2019, the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) announced a $3 million settlement with the University of Rochester Medical Center (URMC) to settle potential...more
More than 400 dental offices across the United States were the victim of a recent ransomware attack that prevented dentists from accessing patient records and patient personal data. ...more
IBM Security and the Ponemon Institute recently released their 2019 Cost of Data Breach Report (the “Report”). This is the 14th annual report these groups have published. ...more
Health care providers are heavily reliant on technology in providing clinical services. The findings from a recent research study highlight the significant threat of cyber risks in health care that is in addition to the...more
INTRODUCTION -
The Saul Ewing Arnstein & Lehr, LLP health care practice group includes attorneys that handle regulatory, compliance, transactional and litigation needs for clients across the entire health care delivery...more
2/1/2019
/ Cannabidiol (CBD) oil ,
Centers for Medicare & Medicaid Services (CMS) ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Hart-Scott-Rodino Act ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Malpractice ,
Medical Marijuana ,
National Practitioner Data Bank (NPDB) ,
OCR ,
Popular
On December 28, 2018, the U.S. Department of Health and Human Services ("HHS") released a publication, Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (the "Cybersecurity Guidance"). ...more
On October 15, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Anthem, Inc. (Anthem) agreed to pay $16 million to settle allegations relating to HIPAA violations...more
Verizon recently released its 11th annual Data Breach Investigation Report (DBIR). The DBIR is a helpful tool for everyone in the health care sector to understand trends in cybercrime and most typical causes of security...more
2017 was a year in contrasts for the health care delivery system. Congress and President Trump made several attempts to “repeal and replace” the Affordable Care Act. Controversy about marijuana continued as more states...more
2/14/2018
/ Affordable Care Act ,
Cybersecurity ,
Department of Justice (DOJ) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Individual Mandate ,
Marijuana ,
Medical Marijuana ,
Medicare Advantage ,
OCR ,
PHI ,
Popular ,
Telehealth ,
Trump Administration
On February 1, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Fresenius Medical Care North America (FMCNA) agreed to pay $3.5 million and enter into a Corrective...more
In early June 2017, the U.S. Department of Health and Human Services (HHS) Health Care Industry Cybersecurity (HCIC) Task Force released a “Report on Improving Cybersecurity in the Health Care Industry” (the Report). The...more
On April 20, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Children’s Digestive Health (CDH) agreed to pay HHS $31,000 for its failure to have a business associate...more
On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more
On November 22, 2016, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that University of Massachusetts Amherst (UMA) agreed to settle allegations relating to the HIPAA Privacy...more
On October 18, 2016, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that St. Joseph Health (SJH) agreed to settle allegations relating to the HIPAA Privacy and Security Rules,...more
10/26/2016
/ Business Associates ,
Corrective Actions ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI
On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more
9/4/2015
/ Breach Notification Rule ,
Compliance ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
De-Identified Protected Health Information ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personally Identifiable Information ,
PHI ,
Popular ,
Privacy Policy ,
Settlement Agreements
In the December 27, 2013 edition of the Federal Register, the Office of Inspector General (“OIG”) and Centers for Medicare and Medicaid Services (“CMS”), both within the U.S. Department of Health and Human Services (“HHS”),...more