As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more
On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more
To combat new risks associated with rapidly evolving health information technology, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act...more
Triple-S Salud, Inc. (“Triple-S”), a Puerto Rico Health Insurance Administration (“PRHIA”) contractor, filed a Form 8-K indicating that the PRHIA intended to impose a civil monetary penalty of $6,768,000 and other...more
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA...more
In its third resolution agreement of 2013, the Department of Health and Human Services, Office for Civil Rights (HHS OCR) today announced a $1.7 million resolution agreement with WellPoint, Inc., a health insurer and managed...more
Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule....more
HHS OCR announced today its second resolution agreement of 2013. Shasta Regional Medical Center (SRMC) has agreed to pay $275,000 and enter into a comprehensive corrective action plan (CAP) to settle an investigation opened...more
A California hospital that disclosed a patient’s medical record in response to a California Watch investigative report on the alleged inappropriate billing practices of the hospital’s parent organization was recently cited by...more