As a service to our readers, we have distilled last week’s joint HHS Office of Civil Rights (OCR) and National Institute of Standards in Technology (NIST) conference, “Safeguarding Health Information: Building Assurance...more
The U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released guidance last Wednesday to help covered entities and business associates understand the privacy implications of the 2013...more
In the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date, two New York hospitals have agreed to pay $4.8 million to settle allegations that they failed to secure thousands of patients’...more
The Connecticut State Senate recently passed a bill that would impose additional disclosure and consent requirements on retailers offering pharmacy rewards programs to consumers. If the bill passes the Connecticut House and...more
How much is the cost of doing nothing when it comes to encryption of sensitive data? In the case of electronic protected health information, about $2 million.
Two companies have been hit with fines equaling a total...more
Two companies were hit with fines equaling a total of almost $2 million to settle alleged Health Insurance Portability and Accountability Act (HIPAA) violations involving stolen, unencrypted laptops, the U.S. Department of...more
Triple-S Management Corp. (“Triple-S”), a Puerto Rico-based health insurer, has been fined $6.8 million by the Puerto Rico Health Insurance Administration (“PRHIA”) following a Health Insurance Portability and Accountability...more
Welcome to our series, “The 12 Days of Privacy” as we look to “gifts” that may be received this season and some of the big issues ahead ….
Day One – - HIPAA 2014 – Where will the Audit Trail Lead?
The year 2013...more
The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more
With the September 23, 2013 compliance date for the HIPAA Omnibus Rule only one week away, the Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have developed...more
Understanding the complexities of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules is often a challenge for health care providers and consumers. Recognizing the widespread...more
Gun violence is a hot topic in the wake of the Newtown shootings and the aftermath of last week’s Boston Marathon bombings, and now health privacy has joined the debate....more
The Department of Health and Human Services, Office for Civil Rights (OCR) has posted on its website sample business associate agreement provisions to help covered entities and business associates comply with the new business...more
Mintz Levin is pleased to provide this section-by-section analysis of the HIPAA Omnibus Rule.
The chart lists provisions of the proposed privacy, security and enforcement rules mandated by the Health Information...more
Originally published in Compliance Today on December 1, 2012.
..Covered entities are now subject to privacy and security audits by OCR.
..OCR published audit protocols regarding its standards for such...more