Latest Posts › HHS

Share:

GAO Report Criticizes HHS’ HIPAA Cybersecurity Guidance and Program

Recently, the Government Accountability Office (GAO) reviewed the U.S. Department of Health and Human Services’ (HHS) security and privacy oversight and identified significant gaps in the cybersecurity guidance provided by...more

$2.75 Million OCR Settlement Underscores the Importance of Risk Management and Analysis

How the theft of a single password-protected laptop turned into an enterprise-wide review of an organization’s data protection practices. Following the announcement of a recent settlement between the U.S. Department of...more

OCR Clarifies “Reasonable, Cost-Based” Fee Calculations for Access to Medical Records

By couching its position in an individual’s right to access protected health information (PHI), beginning on January 7, 2016, the U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) issued guidance to...more

6/10/2016  /  HHS , HIPAA , OCR , PHI

ALJ Upholds OCR’s $239,800 CMP for Healthcare Provider

On January 13, 2016, the Department of Health and Human Services’ Administrative Law Judge upheld the Office for Civil Rights’ (OCR’s) civil monetary penalty (CMP) against Lincare, Inc., d/b/a United Medical (Lincare), for...more

HHS Removes Barriers to Reporting Federal Mental Health Prohibitor Status for Gun Background Checks

On January 6, 2016, the U.S. Department of Health and Human Services (HHS) released a modification to the Health Insurance Portability and Accountability Act (HIPAA) removing barriers to reporting federal mental health...more

1/18/2016  /  Background Checks , Gun Laws , HHS , HIPAA , NICS , PHI

HIPAA Fine Underscores OCR’s Focus on Physician Group Compliance

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced a $750,000 fine and resolution agreement, including a Corrective Action Plan (CAP), for Cancer Care Group, P.C. (CCG), a...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

OCR Updates Breach Report Web Portal — Changes Could Impact Annual Breach Reports

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently launched an updated version of the portal covered entities must use to notify OCR regarding a breach of unsecured protected health...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

6/27/2014  /  Enforcement , HHS , HIPAA , Medical Records , OCR , PHI

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

HHS Rule Grants Patients Direct Access to Lab Test Results

The U.S. Department of Health and Human Services (HHS) recently published a Final Rule granting patients and their personal representatives access to the patient’s completed laboratory test reports directly from the lab...more

2/24/2014  /  CDC , CLIA , CMS , EHR , Healthcare , HHS , HIPAA , PHI

NICS and HIPAA: Where Mental Health Privacy and Gun Control Overlap; HHS Releases Notice of Proposed Rulemaking

On January 7, 2014, the U.S. Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) for the purpose of modifying the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to...more

Healthcare Privacy – 2013 Year in Review

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA...more

Texas to Launch Nation's First Privacy and Security Certification "Safe Harbor"

The Texas Health Services Authority (THSA) recently announced its selection of the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), the most widely adopted information privacy and security...more

Business Associate Agreements: More Readily Accepted by Cloud Service Providers? Maybe

Although the HIPAA Omnibus Final Rule's expansion of business associate liability could create difficulties for healthcare providers and other covered entities seeking to negotiate business associate agreements with vendors...more

HHS Considers Amending HIPAA Privacy Rule to Permit Disclosure of Mental Health Information for Firearm Background Checks

Adding yet another wrinkle to the nation’s contentious gun control debate, the U.S. Department of Health and Human Services (HHS) has released an Advance Notice of Proposed Rulemaking (ANPRM) soliciting information and public...more

Special Edition: Health Law Update - February 28, 2013

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

Health Law Update - What Covered Entities and Business Associates Need to do to Prepare for the New HIPAA/HITECH Requirements

The U.S. Department of Health and Human Services (HHS) issued, on January 17, 2013, its final omnibus rule modifying the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security rules as well...more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

OCR Releases De-Identification Guidance

The HHS Office of Civil Rights (OCR) recently released guidance intended to assist covered entities in understanding what de-identification is, the general process by which de-identified information can be created, and the...more

12/12/2012  /  De-Identification , HHS , HIPAA , OCR , Safe Harbors
20 Results
/
View per page
Page: of 1

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!