Stephanie Willis

Stephanie Willis

Mintz Levin

Contact  |  View Bio  |  RSS

Latest Posts › OCR

Share:

Compliance is No Joke: OCR Releases Security Risk Assessment Tool

On March 28, 2014, the Office of Civil Rights (OCR) announced the release of an online and iPad app-based security risk assessment (SRA) tool. The tool is intended to help health care providers in small to medium sized...more

4/1/2014 - Compliance HIPAA OCR Risk Assessment

En Español: HHS Agencies Issue Model Notices of Privacy Practices in Spanish

Last week, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Office for the National Coordinator for Health Information Technology (ONC) issued model Notices of Privacy Practices (NPPs) in...more

2/24/2014 - Disclosure Requirements Healthcare Native Language Notice of Privacy Practices OCR PHI

Data Breach Wall of Shame: 2013's Highlights and Lessons

Since 2009, the HHS Office for Civil Rights (“OCR”) has posted all large data breaches – those that involve 500 or more individuals – online on its so-called “Wall of Shame.” In 2013, 160 large data breaches were reported to...more

1/24/2014 - Cybersecurity Data Breach Data Protection Encryption Healthcare HHS Medical Records OCR Recording Requirements

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

9/23/2013 - CLIA Data Protection Enforcement Actions HHS HIPAA HIPAA Omnibus Rule Laboratories Notice Requirements OCR Penalties

First HIPAA Resolution Agreement of 2013 — and it certainly will not be the last

The HHS Office of Civil Rights (OCR) announced its first HIPAA Resolution Agreement of 2013 last week. According to the press release, Idaho State University (ISU) must pay OCR $400,000 and comply with the terms of a...more

5/31/2013 - Corrective Actions Cybersecurity Data Breach Data Protection HHS HIPAA OCR PHI Universities

Highlights of the Joint NIST and OCR Safeguarding Health Information Conference

Earlier this week we attended the National Institute of Standards and Technology (NIST) and HHS Office for Civil Rights (OCR) 6th Annual Safeguarding Health Information Conference in Washington, D.C. (the NIST-OCR...more

5/26/2013 - Audits HHS HIPAA NIST OCR

Finally! HHS Office of Civil Rights Releases HIPAA Omnibus Rule With Sweeping Changes to Compliance Requirements and Enforcement

The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more

1/18/2013 - Business Associates Compliance Covered Entities Data Breach Data Protection HHS HIPAA HIPAA Omnibus Rule Notice Requirements Notifications OCR Patient Privacy Rights PHI Subcontractors

First OCR Resolution for Data Breach Involving Less than 500 Patients: No Breach is “Too Small”

The Department of Health and Human Services, Office for Civil Rights (OCR) reached its first settlement for a breach involving data regarding less than 500 individuals. Under the December 2012 settlement, the Hospice of...more

1/4/2013 - Data Breach HHS HIPAA HITECH HONI Mobile Devices OCR

8 Results
|
View per page
Page: of 1