Kimberly Gordy

Kimberly Gordy

BakerHostetler

Contact
View Bio
RSS

Latest Publications

Share:

Looking in the Mirror: HHS OIG Audit Demonstrates HHS Agency’s Own Need for Focus on Cloud Security

The OIG, the nation’s leader in fighting fraud, waste and abuse of Medicare, Medicaid and other HHS programs, periodically publishes reports on how federal healthcare programs could improve....more

8/21/2024  /  Audits , Cloud Computing , Cloud Storage , Department of Children and Families (DCF) , Department of Health and Human Services (HHS) , Health Insurance Portability and Accountability Act (HIPAA) , Information Reports , OIG , Risk Management , Security and Privacy Controls , Sensitive Personal Information

The Long-Awaited Part 2 Modifications Are Finalized with New Obligations for Part 2 Providers and Less Friction for Sharing...

On February 8, 2024, the U.S. Department of Health & Human Services (HHS) released a final rule modifying 42 CFR Part 2 (Part 2) provisions regarding the confidentiality of Substance Use Disorder (SUD) Patient Records. The...more

3/1/2024  /  Administrative Procedure , Business Associates , CARES Act , Compliance , Consent , Covered Entities , Data-Sharing , Department of Health and Human Services (HHS) , Final Rules , Health Care Providers , HIPAA Breach Notification Rule , HITECH Act , Information Sharing , Opioid , Patient Privacy Rights , PHI , Prior Authorization , Public Health , SAMHSA , Substance Abuse , Tribal Governments

HHS Publishes ‘Voluntary’ Healthcare Cybersecurity Performance Goals in Record Time but Leaves Questions Unanswered

As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more

2/9/2024  /  Compliance , Cybersecurity , Data Protection , Data Security , Department of Health and Human Services (HHS) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , NIST , OCR , Risk Mitigation

Review of the Executive Order on Reforming Federal Funding and Support for Tribal Nations to Better Embrace Our Trust...

For our clients in Indian Country, the recent Executive Order is a welcome development as Tribal Nations plan and allocate funding to future projects. On Dec. 6, during the White House Tribal Nations Summit, President Biden...more

1/26/2024  /  Biden Administration , Executive Orders , Federal Funding , Inflation Reduction Act (IRA) , Native American Issues , Sovereign Territories , Tribal Governments , Tribal Lands

HHS ‘Concept Paper’ Forecasts Stormy Cybersecurity Compliance Weather: New Cybersecurity Requirements and Increased Enforcement to...

On Dec. 6, the Department of Health and Human Services (HHS or the Department) released what it is calling a “concept paper” on its role in cybersecurity for the healthcare sector (the HHS paper). The HHS paper is sweeping in...more

1/3/2024  /  Cybersecurity , Data Breach , Data Protection , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Information Reports , OCR , White Papers

Tribal Privacy Codes: Establishing Self-Governance in the Post-Internet Age

Recent trends in privacy legislation, including the passage of California Consumer Privacy Act, more commonly referred to as the CCPA, as well as copycat laws in at least nine other states, make clear the intention of state...more

8/29/2023  /  California Consumer Privacy Act (CCPA) , Federal Jurisdiction , Jurisdiction , Native American Issues , Personal Information , Preemption , Privacy Laws , Sovereign Immunity , State Data Breach Notification Statutes , State Privacy Laws , Tribal Governments

Privacy ‘Deep in the Heart of Texas’: An Overview of the Texas Data Privacy and Security Act

Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more

6/21/2023  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , COPPA , Data Privacy , Data Security , Exemptions , General Data Protection Regulation (GDPR) , Governor Abbott , Health Insurance Portability and Accountability Act (HIPAA) , HITECH Act , Nonprofits , Personal Data , Personal Information , Privacy Laws , Public Utility , SBA , Sensitive Personal Information , Small Business , State Privacy Laws

OCR releases YouTube Addressing “Recognized Security Practices” in HIPAA Enforcement Context

As a Halloween treat for HIPAA-covered entities and business associates, on October 31, the Department of Health and Human Services Office for Civil Rights (OCR) released a new video on its YouTube channel, in which senior...more

11/14/2022  /  Business Associates , Covered Entities , Data Protection , Data Security , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , NIST , OCR , PHI

‘Unboxing’ the New NIST Guidance: NIST Publishes Significant Update to Healthcare Cybersecurity Guide

​​​​​​​Without question, healthcare providers and the companies that support them operate in an elevated cybersecurity risk environment. And when a cybersecurity incident occurs, the ensuing regulatory inquiries and/or...more

8/5/2022  /  Cybersecurity , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Security Rule , New Guidance , NIST , Popular , Risk Assessment , Risk Management

HHS OCR Guidance to 60,000 Retail Pharmacies: Refusal to Fill Rx Based on Potential Pregnancy Termination Concerns Is a Civil...

On July 13, the Department of Health & Human Services (HHS) Office for Civil Rights (OCR) issued guidance to retail pharmacies that refusing to dispense a prescribed medication or making a determination on the suitability of...more

7/18/2022  /  Abortion , Anti-Discrimination Policies , Department of Health and Human Services (HHS) , Disability Discrimination , Federal Funding , New Guidance , OCR , Pharmacies , Pregnancy , Prescription Drugs , Reproductive Healthcare Issues , Sex Discrimination

The Room Where It Happens: The Autonomy of the Hospital Ethics Committees Post-Dobbs

Since the issuance of the Dobbs decision, there’s been significant discussion by lawyers, philosophers, healthcare providers and political leaders. The ruling has created uncertainty and confusion for those working in the...more

7/14/2022  /  American Medical Association , Criminal Liability , Dobbs v. Jackson Women’s Health Organization , Ethics , Health Care Providers , Hospitals , Professional Liability , Reproductive Healthcare Issues

Sounding the Alarm: New Federal Law Will Mandate the Reporting of Cybersecurity Incidents Involving Critical Infrastructure - What...

In response to increased and persistent cybersecurity threats to American infrastructure, Congress passed the Strengthening American Cybersecurity Act (SACA), which President Joe Biden signed into law on March 15. SACA is...more

3/18/2022  /  Biden Administration , Covered Entities , Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Cybersecurity Information Sharing Act (CISA) , New Legislation , Ransomware
12 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide