On April 22, the Department of Health and Human Services (HHS) announced a final rule to support reproductive health care privacy under HIPAA. The rule aims to support reproductive health care privacy "by prohibiting the...more
2020 can rightfully be called the year for remote health care. Fueled by necessity and accompanying loosened regulations, telehealth and the demand for remote patient monitoring boomed. Signs that this progress is here to...more
COVID-19 has challenged health care providers to change the way they offer services — from shifting to an increasingly remote workforce to diving into telehealth. These adjustments have privacy implications. The following are...more
6/18/2020
/ California Consumer Privacy Act (CCPA) ,
Data Privacy ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Remote Working ,
Risk Assessment ,
Telecommuting ,
Telehealth
Thus far, telehealth breaches have been exceedingly rare, but as telehealth is increasingly used, telehealth data breaches and similar incidents may become more commonplace. Here are 10 steps for responding to a telehealth...more
5/4/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Data Breach ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Incident Response Plans ,
Patient Access ,
Risk Assessment ,
State Data Breach Notification Statutes ,
Telehealth ,
Telemedicine
Last week, the American Medical Association (AMA) and the American Hospital Association (AHA), recognizing the increased cybersecurity threats facing health care providers, issued joint guidance for physicians working from...more
4/23/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Health Care Providers ,
Information Governance ,
PHI ,
Phishing Scams ,
Popular ,
Risk Management ,
Vulnerability Assessments
In an industry overrun with news of almost daily privacy breaches, what makes the Fresenius settlement especially newsworthy is the size of the fine compared to the size of the breach and the types of breaches involved....more
4/3/2018
/ Corrective Actions ,
Data Breach ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Fresenius ,
Health Care Providers ,
Healthcare Facilities ,
HIPAA Breach ,
Personally Identifiable Information ,
Risk Management ,
Settlement
On October 26, in Edwards v. Thomas, et al. (SC15-1893) the Florida Supreme Court held that external peer review reports are discoverable under Amendment 7.
...more
The Department of Health and Human Services’ Office of Civil Rights (OCR) recently published a checklist to guide HIPAA-covered entities and business associates through an appropriate response to a ransomware or cybersecurity...more
6/16/2017
/ Breach Notification Rule ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Emergency Response ,
Health Care Providers ,
HIPAA Breach ,
OCR ,
Personally Identifiable Information ,
PHI
On January 31, the Florida Supreme Court ruled that the “Patient Safety Work Product” privilege cannot shield Florida health care providers from Amendment 7 requests. The court’s decision in Charles v. Southern Baptist...more
"Surprise medical billing" occurs when a patient receives care at a facility and receives treatment from a provider, such as an anesthesiologist or radiologist, who is not contracted with the patient’s health insurance plan....more
The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) recently announced the long-awaited launch of phase 2 of HIPAA’s audit program. The program will target all types of covered...more