There has been a notable emphasis on proactive enforcement of the privacy and security of protected health information in recent weeks as evidenced by multiple developments regarding compliance with the Health Insurance...more
On April 6, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking public comment on "recognized security practices" and on sharing civil...more
4/11/2022
/ Business Associates ,
Civil Monetary Penalty ,
Covered Entities ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
NIST ,
OCR ,
Policies and Procedures ,
Public Comment
Organizations that meet the definition of "covered entity" under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) must be diligent to maintain the privacy and security...more
4/23/2019
/ Business Associates ,
Covered Entities ,
Cyber Insurance ,
Data Breach ,
Data Privacy ,
Data Security ,
Data Use Policies ,
Electronic Protected Health Information (ePHI) ,
Employee Training ,
Encryption ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Long Term Care Facilities ,
Long-Term Care ,
OCR ,
Passwords ,
Patient Privacy Rights ,
Patients ,
Phishing Scams ,
Popular ,
Portable Devices ,
Risk Assessment
On May 18, 2016, the Department of Health and Human Services (HHS) issued a final rule (the Rule) implementing the prohibition on discrimination under Section 1557 of the Affordable Care Act (ACA). Section 1557 prohibits...more
The HIPAA Breach Notification Rule requires covered entities to notify the Secretary of the Department of Health and Human Services (HHS) if a breach of unsecured protected health information (PHI) is discovered. As most...more