Stephanie Willis

Stephanie Willis

Mintz Levin

Contact  |  View Bio  |  RSS

Latest Posts › HIPAA

Share:

Compliance is No Joke: OCR Releases Security Risk Assessment Tool

On March 28, 2014, the Office of Civil Rights (OCR) announced the release of an online and iPad app-based security risk assessment (SRA) tool. The tool is intended to help health care providers in small to medium sized...more

4/1/2014 - Compliance HIPAA OCR Risk Assessment

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

9/23/2013 - CLIA Data Protection Enforcement Actions HHS HIPAA HIPAA Omnibus Rule Laboratories Notice Requirements OCR Penalties

Lessons from the California AG’s Data Breach Report for the Health Care Industry

Our sister blog, Privacy and Security Matters, recently posted a comprehensive analysis of the newly released data breach report from the California Attorney General’s Office (AG Report). The AG Report is the first...more

7/11/2013 - Attorney Generals Breach Notification Rule Cybersecurity Data Breach Data Breach Plans Data Protection Encryption HIPAA HIPAA Omnibus Rule Training

First HIPAA Resolution Agreement of 2013 — and it certainly will not be the last

The HHS Office of Civil Rights (OCR) announced its first HIPAA Resolution Agreement of 2013 last week. According to the press release, Idaho State University (ISU) must pay OCR $400,000 and comply with the terms of a...more

5/31/2013 - Corrective Actions Cybersecurity Data Breach Data Protection HHS HIPAA OCR PHI Universities

Highlights of the Joint NIST and OCR Safeguarding Health Information Conference

Earlier this week we attended the National Institute of Standards and Technology (NIST) and HHS Office for Civil Rights (OCR) 6th Annual Safeguarding Health Information Conference in Washington, D.C. (the NIST-OCR...more

5/26/2013 - Audits HHS HIPAA NIST OCR

Countdown Begins for HIPAA Omnibus Rule Compliance

The HIPAA Omnibus Rule goes into effect today, which officially starts the clock for covered entities, business associates, and their subcontractors to begin updating their agreements, forms, policies, procedures, and...more

3/26/2013 - Business Associates Contractors HIPAA HIPAA Omnibus Rule HITECH Notice Requirements Subcontractors

HIPAA Omnibus Rule Reference Chart

Mintz Levin is pleased to provide this section-by-section analysis of the HIPAA Omnibus Rule. The chart lists provisions of the proposed privacy, security and enforcement rules mandated by the Health Information...more

1/23/2013 - Business Associates Covered Entities Data Breach Data Protection HIPAA HIPAA Omnibus Rule HITECH Notice Requirements PHI

Finally! HHS Office of Civil Rights Releases HIPAA Omnibus Rule With Sweeping Changes to Compliance Requirements and Enforcement

The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more

1/18/2013 - Business Associates Compliance Covered Entities Data Breach Data Protection HHS HIPAA HIPAA Omnibus Rule Notice Requirements Notifications OCR Patient Privacy Rights PHI Subcontractors

First OCR Resolution for Data Breach Involving Less than 500 Patients: No Breach is “Too Small”

The Department of Health and Human Services, Office for Civil Rights (OCR) reached its first settlement for a breach involving data regarding less than 500 individuals. Under the December 2012 settlement, the Hospice of...more

1/4/2013 - Data Breach HHS HIPAA HITECH HONI Mobile Devices OCR

9 Results
|
View per page
Page: of 1