Administrative Agency Health Privacy

Read need-to-know updates, commentary, and analysis on Administrative Agency issues written by leading professionals.
News & Analysis as of

Counties Beware – Your Governmental Status Does Not Protect You from Liability for a HIPAA Breach

As a county government, you may think that you have the protection of sovereign immunity and protection from other governments penalizing you. Your status does not protect you. The Department of Health and Human Services...more

HHS Issues Policy Regarding Physician FOIA Requests

On January 17, 2014, the Department of Health and Human Services (HHS) published its “Modified Policy on Freedom of Information Act Disclosure of Amounts Paid to Individual Physicians Under the Medicare Program” (the Modified...more

HHS Issues Privacy Rule Guidance for Law Enforcement Agencies

The Office for Civil Rights (OCR) of the Department of Health and Human Services recently announced the release of its guidance, “Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule: A Guide for Law...more

HIPAA Omnibus Final Rule - What's in it for Patients?

The Final Rule offers significant changes to patient rights and patient protections. (There is much more to the rule, but other aspects are not addressed in this post. Here you may find a link to the HIPAA Omnibus Rule, a...more

HIPAA Omnibus Rule - Google+ Hangout

For a first look at the HIPAA omnibus rule, I had a Google+ Hangout on Air with Brian Ahier and Deven McGraw. We talked through the changes made to the privacy and security rules, the breach notification rule, the enforcement...more

Finally! HHS Office of Civil Rights Releases HIPAA Omnibus Rule With Sweeping Changes to Compliance Requirements and Enforcement

The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more

Health Law Blog: Final HIPAA Rules Released

Yesterday, the U.S. Department of Health and Human Services (HHS) released the long-awaited final rules implementing changes to the HIPAA privacy and security rules enacted in 2009 by the HITECH Act....more

The HIPAA/HITECH Final Rule Has Been Released

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

Brace for Impact – Final HITECH Rules Will Require Substantially More Breach Reporting

HHS has finally issued its omnibus HITECH Rules. Our firm will issue a comprehensive summary of the rules shortly, but of immediate import is the change to the breach reporting harm threshold. The modification will make it...more

Hospitals Need To Focus On Data Privacy And Security

To restate the obvious, hospitals operate in a risky environment. They face a variety of risks and a blanket of government regulations. You have to admire the Chief Compliance Officer at a hospital. They learn to live with...more

Hospitals Need To Focus On Data Privacy And Security

To restate the obvious, hospitals operate in a risky environment. They face a variety of risks and a blanket of government regulations. You have to admire the Chief Compliance Officer at a hospital. They learn to live with...more

First HHS OCR Settlement for HIPAA Breach Involving Less Than 500 Patients Sends Message to Providers

On January 2, 2013, HHS announced that the Hospice of North Idaho (HONI) agreed to pay $50,000 and enter into a Corrective Action Plan (CAP) as part of a settlement involving a breach of unsecured electronic protected health...more

Audits, Audits And More Audits: Life In The Healthcare Industry

Healthcare suppliers and service providers live in a regulated world. They are constantly under audit scrutiny. Sometimes federal agencies (i.e private contractors) conduct the audits; other times state agencies conduct the...more

Labor & Employment E-Note - January 2013

In This Issue: - NLRB Protects Workers' Rights to Post About Job on Facebook - 6 States Ban Companies from Asking for Social Media Passwords - Health Law Requires Employers to Offer Family Care to All - Fiscal...more

Getting the Best Medical Care: a Newsletter from Patrick Malone - January 2013

In This Issue: - Six Things to Think About as Technology Advances - For More Information - Recent Health Care News You Should Know About - Check Out Our Previous Tips - Deep Thoughts for the New Year: Ethical...more

Birmingham Medical News: Make A New Year's Resolution To Review And Update Your Corporate Compliance Plan

Originally published in Birmingham Medical News, on January 7, 2013. Around this time each year, I like to remind my clients about matters they can address at the beginning of each year--a New Year's Resolution for the...more

First-Ever HIPAA Settlement Involving Fewer Than 500 Patients Announced

On January 2, 2013, the U.S. Department of Health and Human Services (HHS) announced a settlement with the Hospice of North Idaho (HONI) for potential HIPAA violations....more

OCR Reaches $50,000 Settlement with Hospice for Small Data Breach

Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more

Guidance on De-Identified Protected Health Information Offers In-depth Instruction on Technical Issues

The HITECH Act required the Secretary of Health and Human Services to publish a number of “Guidance” documents to inform the health care industry and its advisors about practical aspects of HIPAA compliance and HITECH...more

Are Your Mobile Devices HIPAA Compliant? Practical Steps to Ensure Compliance

Mobile device use is becoming more commonplace in health care. Health care professionals use text messaging to communicate with each other about patient status. Medical schools now provide residents tablets to use as...more

OCR's Breach Settlement the First Ever Involving Less than 500 Patients

OCR started 2013 with a bang by announcing that it had reached “the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500 individuals” with the Hospice of...more

Keep An Eye On Those Shiny, New Mobile Devices!

As physicians, nurses, therapists and health care providers continue to utilize new smart phones, tablets, and laptops in caring for patients, the Department of Health and Human Services (“HHS”) has responded with educational...more

First OCR Settlement Involving a “Small” Breach Focuses on Mobile Device Security

In what is best understood as a follow-up to both the recent settlement with MEEI and the release of its mobile device security guidance, HHS OCR recently released details of a settlement reached with the Hospice of Northern...more

De-Identifying Protected Health Information: OCR Issues Long-Awaited Guidance

The HIPAA Privacy Rule is intended to protect individually identifiable health information by limiting its use and disclosure. But the Privacy Rule expressly permits the de-identification of that information, and in doing so...more

First HIPAA Breach Settlement Involving Less Than 500 Patients Announced

ALL PROVIDERS ARE OFFICIALLY ON NOTICE. In a move that signals just how seriously the federal government is taking its enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the U.S....more

292 Results
|
View per page
Page: of 12

Follow Administrative Agency Updates on: