James Wieland

James Wieland

Ober|Kaler

Contact  |  View Bio  |  RSS

Latest Publications

Share:

A New Sheriff in Town: Federal Trade Commission Enforcement of Medical Information Security

A recent court decision found that the Federal Trade Commission (FTC) has authority to enforce the requirements for security of Protected Health Information, or PHI, as defined under the Health Information Portability and...more

9/16/2014 - Data Protection EHR FTC Healthcare LabMD PHI Popular

WEBINAR: Preparing for the HITECH September Deadline - Tips for Negotiating Effective Business Associate Agreements under HIPAA

Business Associate Agreements (BAAs), in the current regulatory and technological environment, require careful review and negotiation of the implementation of the regulatory requirements. In meeting the September 23, 2014...more

7/30/2014 - Business Associates Contract Negotiations Healthcare HIPAA HITECH Negotiations Patient Privacy Rights Regulatory Standards

OCR Clarifies Permitted Disclosures, Including Mental Health Care

The disclosure of mental health records and other disclosure-related issues tends to be less than clear for providers in their efforts to comply with the federal privacy rules. Such issues relate to appropriate disclosures to...more

4/2/2014 - Healthcare HIPAA Mental Health Mental Health Parity Rule OCR

HIPAA Complaint Seeks Class Action Status

A complaint filed in the Superior Court of California on March 14, 2014, requested certification as a class action and sought a wide variety of damages arising from a breach of personal information. Doe vs. Sutherland Health...more

3/31/2014 - Class Action Class Certification Data Breach HIPAA Personally Identifiable Information PHI

Self-pay Confidentiality Rights: How Far Do Those Rights Go?

The HIPAA Privacy Rule has always provided an individual patient the right to request special, confidential treatment of his or her protected health information (PHI). That right is not absolute, however. Covered entities...more

3/28/2014 - Confidential Information Healthcare HIPAA HITECH PHI

Foundations in HIPAA - Building Blocks of Health Law

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

2/3/2014 - Enforcement Healthcare HIPAA HIPAA Omnibus Rule HITECH OCR

HHS Office of Civil Rights Releases Several Model Notices of Privacy Practices

The HHS Office of Civil Rights (OCR) recently released several versions of a model Notice of Privacy Practices (NPP) for use by covered entity health plans and health care providers. The notices have been written specifically...more

9/18/2013 - HHS HIPAA HIPAA Omnibus Rule HITECH Notice of Privacy Practices OCR

FDA Recommends that Manufacturers Seeking Medical Device Approval Submit Cyber Security Plans

Last week, the FDA took steps to address a quietly growing concern regarding cyber security and medical devices. Specifically, the agency issued Draft Guidance requiring the submission of cyber security materials as part of...more

6/25/2013 - Cyber Attacks Cybersecurity Data Protection FDA Healthcare Malware Manufacturers Medical Devices

FDA Flexes Mobile App Enforcement Muscles (Gently)

The FDA was granted authority to regulate mobile health care applications (apps) as part of the Food and Drug Administration and Innovation Act. (For a detailed discussion of the FDA’s authority, see “FDA Safety and...more

6/24/2013 - FDA Healthcare Mobile Apps Telemedicine

Is Your Firewall On? Are You Sure? Idaho State University Settles Privacy Rule Violations for $400,000

The HHS Office of Civil Rights (OCR) recently announced a $400,000 settlement with Idaho State University (ISU) following a lengthy investigation of the privacy and security practices at ISU outpatient clinics. In addition to...more

6/24/2013 - Corrective Actions OCR Penalties PHI Privacy Rule Settlement

HITECH and HIPAA: The Final Rule

The final rule implementing new obligations under HITECH and changing obligations under HIPAA is finally out. Covered entities and business associates need to come into compliance with these requirements by September 23,...more

3/14/2013 - Business Associates Data Breach Data Protection GINA Healthcare HIPAA HITECH Notice Requirements PHI

HHS Overhaul of HIPAA: Summary of New Obligations for Covered Entities and Business Associates

On January 17, 2013, the Department of Health and Human Services (HHS) posted Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules [PDF] (the Final Rule) under the authority of the HITECH...more

1/24/2013 - Business Associates Covered Entities Data Breach Data Protection Disclosure Requirements Enforcement Fundraisers GINA HIPAA HIPAA Omnibus Rule HITECH Marketing PHI Privacy Policy Subcontractors Third-Party

Guidance on De-Identified Protected Health Information Offers In-depth Instruction on Technical Issues

The HITECH Act required the Secretary of Health and Human Services to publish a number of “Guidance” documents to inform the health care industry and its advisors about practical aspects of HIPAA compliance and HITECH...more

1/8/2013 - Data Protection De-Identified Protected Health Information HHS HIPAA HITECH OCR Technology

First OCR Settlement Involving a “Small” Breach Focuses on Mobile Device Security

In what is best understood as a follow-up to both the recent settlement with MEEI and the release of its mobile device security guidance, HHS OCR recently released details of a settlement reached with the Hospice of Northern...more

1/7/2013 - Compliance Data Breach Data Protection Health Information Technologies HHS HIPAA HONI Mobile Devices OCR Patient Confidentiality Breaches Settlement

14 Results
|
View per page
Page: of 1