Latest Publications

Share:

WEBINAR: Creating Stable Security and Compliance Relationships Between Health Care Organizations and Vendors

The Omnibus Rule implementing the HITECH Act made several changes to the HIPAA Privacy and Security Rules that profoundly changed the dynamic between health care providers and vendors. In addition, the Breach Notification...more

WEBINAR: Cloud Computing & Health Care Organizations - Critical Privacy & Security Issues

More and more organizations are turning to the cloud because of how flexible and low-cost it is. As a result, many health care organizations are now using cloud-based servers to store patient information and are discovering...more

A New Sheriff in Town: Federal Trade Commission Enforcement of Medical Information Security

A recent court decision found that the Federal Trade Commission (FTC) has authority to enforce the requirements for security of Protected Health Information, or PHI, as defined under the Health Information Portability and...more

9/16/2014  /  Data Protection , EHR , FTC , Healthcare , LabMD , PHI , Popular

WEBINAR: Preparing for the HITECH September Deadline - Tips for Negotiating Effective Business Associate Agreements under HIPAA

Business Associate Agreements (BAAs), in the current regulatory and technological environment, require careful review and negotiation of the implementation of the regulatory requirements. In meeting the September 23, 2014...more

OCR Clarifies Permitted Disclosures, Including Mental Health Care

The disclosure of mental health records and other disclosure-related issues tends to be less than clear for providers in their efforts to comply with the federal privacy rules. Such issues relate to appropriate disclosures to...more

HIPAA Complaint Seeks Class Action Status

A complaint filed in the Superior Court of California on March 14, 2014, requested certification as a class action and sought a wide variety of damages arising from a breach of personal information. Doe vs. Sutherland Health...more

Self-pay Confidentiality Rights: How Far Do Those Rights Go?

The HIPAA Privacy Rule has always provided an individual patient the right to request special, confidential treatment of his or her protected health information (PHI). That right is not absolute, however. Covered entities...more

Foundations in HIPAA - Building Blocks of Health Law

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

HHS Office of Civil Rights Releases Several Model Notices of Privacy Practices

The HHS Office of Civil Rights (OCR) recently released several versions of a model Notice of Privacy Practices (NPP) for use by covered entity health plans and health care providers. The notices have been written specifically...more

FDA Recommends that Manufacturers Seeking Medical Device Approval Submit Cyber Security Plans

Last week, the FDA took steps to address a quietly growing concern regarding cyber security and medical devices. Specifically, the agency issued Draft Guidance requiring the submission of cyber security materials as part of...more

FDA Flexes Mobile App Enforcement Muscles (Gently)

The FDA was granted authority to regulate mobile health care applications (apps) as part of the Food and Drug Administration and Innovation Act. (For a detailed discussion of the FDA’s authority, see “FDA Safety and...more

6/24/2013  /  FDA , Healthcare , Mobile Apps , Telemedicine

Is Your Firewall On? Are You Sure? Idaho State University Settles Privacy Rule Violations for $400,000

The HHS Office of Civil Rights (OCR) recently announced a $400,000 settlement with Idaho State University (ISU) following a lengthy investigation of the privacy and security practices at ISU outpatient clinics. In addition to...more

HITECH and HIPAA: The Final Rule

The final rule implementing new obligations under HITECH and changing obligations under HIPAA is finally out. Covered entities and business associates need to come into compliance with these requirements by September 23,...more

HHS Overhaul of HIPAA: Summary of New Obligations for Covered Entities and Business Associates

On January 17, 2013, the Department of Health and Human Services (HHS) posted Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules [PDF] (the Final Rule) under the authority of the HITECH...more

Guidance on De-Identified Protected Health Information Offers In-depth Instruction on Technical Issues

The HITECH Act required the Secretary of Health and Human Services to publish a number of “Guidance” documents to inform the health care industry and its advisors about practical aspects of HIPAA compliance and HITECH...more

First OCR Settlement Involving a “Small” Breach Focuses on Mobile Device Security

In what is best understood as a follow-up to both the recent settlement with MEEI and the release of its mobile device security guidance, HHS OCR recently released details of a settlement reached with the Hospice of Northern...more

16 Results
/
View per page
Page: of 1

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.