Latest Publications

Share:

Private Needle Exchange Programs Do Not Require Local Approval: Massachusetts Supreme Judicial Court Weighs In

Last week, in a case being watched locally and nationally, the Massachusetts Supreme Judicial Court (“SJC”) ruled that local government approval is not required for the operation of a private needle exchange program and that...more

Two HIPAA Mistakes Lead to Fines from OCR

It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C....more

Health Care Weekly Preview from ML Strategies – April 2017

Welcome back everybody. While the momentum around an American Health Care Act (AHCA) comeback is unclear, there’s no discounting that efforts are ongoing to reach a consensus among House Republicans with significant pressure...more

Gone Phishin’: Hack Leads to HIPAA Settlement

While your business may indeed be a “victim” when hit by a phishing attack, your enterprise can also be responsible for violations of law associated with the incident. Earlier this week, the HHS Office for Civil Rights...more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

A New FBI Warning for Healthcare Providers

The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more

March Fadness: Wearable Tech in the Workplace

Wearable technology continues to do a full court press on the marketplace and in the process, the step counters of the world and health apps tied to devices capable of tracking real-time biostatistics, are revolutionizing the...more

Massachusetts Regulatory Overhaul: Hospitals, Clinics, Dialysis Units, and Medical Marijuana – Oh My!

The Massachusetts Department of Public Health (DPH) has released proposed amended regulations for the licensure of hospitals, clinics, and out-of-hospital dialysis units, proposed the rescission of separate birth center...more

Latest OCR HIPAA Settlement Provides Lessons for Covered Entities

Capping off a busy month of HIPAA settlements, on August 4, the Office for Civil Rights (“OCR”) announced a $5.55 million settlement with Advocate Health Care Network (“Advocate”), the largest fully-integrated healthcare...more

“Your Money or Your PHI”: OCR Releases Guidance on Ransomware

On July 11, 2016, the Office for Civil Rights (OCR) released important new guidance on ransomware for hospitals and other healthcare providers and finally addressed the question of whether electronic protected health...more

At Long Last, CMS Issues Final Rule for Lab Fee Schedule Changes

Last Friday afternoon CMS released its eagerly anticipated final rule (the Final Rule) implementing the Protecting Access to Medicare Act of 2014 (PAMA), which, together with the Final Rule, will make sweeping changes to the...more

Check Your Inbox: OCR Continues to Verify Entity Contact Information for Phase 2 HIPAA Audits

Covered Entities need to continue to check their inboxes for emails from the HHS Office for Civil Rights (“OCR”) requesting verification of contact information in connection with Phase 2 of the HIPAA Audit Program. OCR...more

Justices Grapple with Limits of False Claims Act Liability in Implied Certification Cases

Last week the Supreme Court heard oral argument in a False Claims Act (“FCA”) case in which the Court is considering the validity of the so-called implied false certification theory. This theory attaches FCA liability when a...more

Ready or Not, It’s Time For Phase 2 HIPAA Audits

On March 21st, the HHS Office for Civil Rights (“OCR”) officially launched Phase 2 of the HIPAA Audit Program. Covered Entities and Business Associates need to be prepared for these audits and be on the lookout for emails...more

Drug Company Payments and Prescribing Patterns Linked, Massachusetts Is An Outlier

As reported in yesterday’s Boston Globe, compared to national averages, Massachusetts physicians are less likely to receive payments or items of value from pharmaceutical companies and less likely to be heavy prescribers of...more

Don’t Neglect Your Business Associate Agreements!

As we have repeatedly emphasized on this blog, HIPAA Covered Entities must ensure that they have compliant business associate agreements (“BAAs”) in place with all of their business associates and must ensure that they have...more

Ransomware Strikes California Hospital – Could You Be Next?

In a chain of events that should be a wake-up call to any entity using and storing critical health information (and indeed, ANY kind of critical information), Hollywood Presbyterian Medical Center (“HPMC”) has announced that...more

Hollywood Presbyterian Concedes to Hacker’s Demands in Ransomware Attack

In a chain of events that should be a wake-up call to any entity using and storing critical health information, Hollywood Presbyterian Medical Center (“HPMC”) has announced that it paid hackers $17,000 to end a malware attack...more

Latest OCR Enforcement Action: Underbed Storage is Not Appropriate for PHI

Recent enforcement actions by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) have highlighted that, not surprisingly, Covered Entities should not leave medical records in a...more

2/5/2016  /  HHS , HIPAA , Home Health Care , OCR , PHI , Privacy Policy

HIPAA and Health Care Data Privacy – 2015 Year in Review

As the year winds down, we look back with a mixture of nostalgia and queasiness on the major Health Insurance Portability and Accountability Act (HIPAA) events that defined 2015. Incredibly large data breaches became...more

Agencies Extend Comment Period on Proposed Changes to Clinical Research Rules

Those wishing to comment on revisions to the Federal Policy for Protection of Human Subjects (known as the “Common Rule”) could add a 30-day comment period extension to the things they were grateful for at this year’s...more

Data-Harvesting Zombie Hackers, Blood-Thirsty Auditors, and Other Reasons to be Scared on Halloween

This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more

What’s Lurking in Your Lab? Legal Risks for Hospital Laboratories

Most health-care lawyers are accustomed to monitoring the high profile areas of regulatory enforcement in health care. However, many hospital lawyers, whether in-house or outside counsel, are unaware of the potential...more

CMS Publishes Long-Awaited PAMA Proposed Rule

On September 25, 2015, the Centers for Medicare & Medicaid Services (CMS) announced publication of the proposed rule (the “Proposed Rule”) implementing substantial changes to the Medicare Clinical Laboratory Fee Schedule...more

Back to School – HIPAA 101

After a summer that saw major data breaches at the Office of Personnel Management and UCLA Health System, this fall is a great time to take your organization back to school on HIPAA compliance and data security. Here are...more

53 Results
/
View per page
Page: of 3

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.