Rebecca L. Williams

Rebecca L. Williams

Davis Wright Tremaine LLP

Contact  |  View Bio  |  RSS

Latest Publications

Share:

Be Careful with Information Destruction: Another Medical Record Disposal HIPAA Settlement

The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) recently announced a new settlement with a small pharmacy, Cornell Prescription Pharmacy (“Cornell”). OCR alleged that Cornell was disposing of...more

5/1/2015 - Document Destruction Enforcement Actions OCR Pharmacies PHI Settlement

Washington State Amends Data Breach Law

Passage of H.B. 1078 sets a 45-day notification deadline, adds additional notice requirements Washington Governor Jay Inslee signed H.B. 1078 into law on April 23, revising the state’s data breach notification statute and...more

4/29/2015 - Popular

Premera Cyber-Attack Announced: Defining Your Obligations as an Employer

On March 17, 2015, Premera announced a data breach involving the personal information of more than 11 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack. Employers and plan...more

3/19/2015 - Breach Notification Rule Corporate Counsel Cyber Attacks Data Breach Employer Liability Issues HIPAA Popular Premera Blue Cross

Employers: What the Anthem Breach Means to You

On Feb. 4, 2015, Anthem announced a data breach involving the personal information of more than 80 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack. Group health plans may be...more

2/10/2015 - Anthem Insurance Best Practices Breach Notification Rule Corporate Counsel Cyber Attacks Cybersecurity HIPAA Personally Identifiable Information

Latest HIPAA Settlement: Compliance is an Ongoing Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more

12/18/2014 - Healthcare Facilities HIPAA OCR Patient Confidentiality Breaches PHI Popular Settlement

Encryption and Securing BYO Devices at the Heart of Massachusetts AG $100,000 Settlement

The Massachusetts Attorney General announced Friday that her office had reached a settlement with Beth Israel Deaconess Medical Center (BIDMC) surrounding a 2012 data breach in which a physician’s unencrypted personal laptop...more

11/26/2014 - Bring Your Own Device Covered Entities Data Breach Data Protection Employer Liability Issues Encryption Health Care Providers Patient Confidentiality Breaches Personally Identifiable Information Popular

Ebola or Not, Patient Privacy Must Be Protected: Office for Civil Rights Issues Bulletin on HIPAA Requirements in Emergency...

In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued a new bulletin reminding HIPAA-covered entities and their business associates that the...more

11/13/2014 - Data Protection Ebola EHR Healthcare HHS HIPAA OCR PHI

CMS Reopens the Medicare Payment Adjustment Hardship Exception Application Submission Period for Certain Providers and Hospitals

Centers for Medicare & Medicaid Services (CMS) recently announced the reopening of the submission period for hardship exception applications for eligible professionals and eligible hospitals that have been unable to fully...more

10/30/2014 - CEHRT CMS EHR Healthcare Healthcare Reform Hospitals Medicare PHI Undue Hardship

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

10/13/2014 - Breach Notification Rule Data Breach EHR Healthcare Personally Identifiable Information PHI Popular

Looming HIPAA Deadline: Update Business Associate Agreements by Monday, September 22, 2014

Business associate agreements that have not already been updated as required by the HIPAA Omnibus Rule should be updated by September 22, 2014. The Omnibus Rule changed and added mandatory language for valid business...more

9/23/2014 - Business Associates Deadlines HIPAA HIPAA Omnibus Rule

New HIPAA Reports to Congress Shed Light on OCR Enforcement

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued two reports to Congress, as required by the HITECH Act. The compliance report details OCR’s enforcement activities for 2011 and 2012 and...more

7/7/2014 - Data Protection Enforcement Enforcement Actions Healthcare HHS HITECH OCR

Confidentiality of Substance Abuse Treatment Information: HHS Considers Changes to the Part 2 Regulations and Requests Comment

The Department of Health and Human Services’ Substance Abuse and Mental Health Services Administration (SAMHSA) is considering significant changes to the “Part 2” regulations (the Confidentiality of Alcohol and Drug Abuse...more

6/23/2014 - ACOs Consent Healthcare Healthcare Reform HHS New Regulations Patient Privacy Rights SAMHSA

$4.8 Million – Largest HIPAA Settlement to Date

On May 7, 2014, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) issued a press release announcing that two health care organizations—New York and Presbyterian Hospital (“NYP”) and Columbia...more

5/9/2014 - Covered Entities Data Breach Electronic Medical Records HIPAA Hospitals Non-Judicial Settlement Agreements OCR Patient Confidentiality Breaches

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

4/14/2014 - Audits Data Protection EHR HHS HIPAA OCR PHI

Future OCR Audits Have Little in Common With Previous Round—Here’s How to Prepare

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

4/11/2014 - Audits Covered Entities HHS OCR Security Risk Assessments

HIPAA and Mental Health Information: HHS Issues HIPAA Guidance Addressing Mental Health Information

The U.S. Department of Health and Human Services (“HHS”) recently issued new guidance clarifying how the HIPAA Privacy Rule strikes the balance of protecting individuals’ privacy of mental health information and communicating...more

2/28/2014 - Healthcare HHS HIPAA Mental Health Mental Health Parity Rule Mental Illness

FTC’s 50th Data Security Settlement Sends a Message: Be Careful with Overseas Contractors

The Federal Trade Commission (FTC) sent a message about the importance of imposing appropriate security measures on—and monitoring—vendors with access to confidential consumer information. The FTC issued a 20-year consent...more

2/5/2014 - Compliance Contractors Data Breach Data Protection Due Diligence FTC Vendors

It’s Not Enough to Notify: Don’t Forget the Policies, Risk Analyses, and Training

HIPAA compliance ended with a bang in 2013, with the feds issuing the first settlement involving a health provider’s failure to have breach notification policies and procedures in place. On Dec. 24, 2013, the Department of...more

1/8/2014 - Compliance HHS HIPAA OCR Security Rule Training

The Long Sunset: EHR Donations May Continue Until 2021 (With a Few Changes)

Under long-awaited final rules recently published by the federal government, hospitals and other “protected donors” may continue to “donate” interoperable electronic health record items and services without incurring...more

12/31/2013 - Anti-Kickback Statute CMS EHR Electronic Medical Records HHS Hospitals Stark Law

HHS Delays Require Changes to Notice of Privacy Practices for Certain Clinical Laboratories

Last week the Department of Health and Human Services (“HHS”) announced that it has postponed the Sept. 23, 2013, HIPAA Omnibus Rule deadline for many clinical laboratories to revise their notices of privacy practices...more

9/26/2013 - Clinical Laboratories HHS HIPAA HIPAA Omnibus Rule Notice of Privacy Practices

Deadline Approaches for Reporting 2012 Small Breaches

HIPAA covered entities have through Friday, March 1, 2013, to report small breaches of unsecured protected health information that occurred in calendar year 2012 to the U.S. Department of Health and Human Services (HHS). A...more

2/26/2013 - Data Breach HHS HIPAA HIPAA Omnibus Rule Notice Requirements

New Omnibus Rule Released: HIPAA Puts on More Weight

On Jan. 17, 2013, the Department of Health and Human Services (HHS) released the long-awaited “Omnibus Rule,” which amends the administrative simplification provisions of the Health Insurance Portability and Accountability...more

1/24/2013 - Business Associates Covered Entities Data Breach Data Protection Enforcement GINA HHS HIPAA HIPAA Omnibus Rule HITECH Marketing PHI Privacy Policy

One Week to Get Business Associate Agreements Executed Under HIPAA Omnibus Rule’s Grandfather Clause

On Jan. 17, 2013, the long-awaited HIPAA “Omnibus Rule” went on display at the Federal Register, finalizing changes to the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules....more

1/21/2013 - Business Associates Compliance Data Breach Data Protection Enforcement HIPAA HIPAA Omnibus Rule Notice Requirements

HIPAA Omnibus Rule Released

At long last, after much delay and speculation, the HIPAA Omnibus Rule has been placed on display at the Federal Register in preparation for formal publication....more

1/18/2013 - Business Associates Compliance Covered Entities Data Breach Enforcement HIPAA HIPAA Omnibus Rule Marketing Notice Requirements PHI

Washington Attorney General's Office Opinion Undermines Electronic Health Records Donation Programs

In 1949, the Washington Legislature enacted what has become known as the “anti-rebate statute,” codified as RCW Chapter 19.68. Rep. Eileen Cody recently asked the state Attorney General (AG)’s Office whether this statute...more

12/13/2012 - Anti-Rebate Statutes Charitable Donations Clinical Laboratories Electronic Health Record Incentives Electronic Medical Records

26 Results
|
View per page
Page: of 2

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×