Privacy Health

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

Blog: GAO Criticizes HHS In Health Information Cybersecurity Report

On Monday, the Government Accountability Office (“GAO”) released a report (the “Report”) criticizing the U.S. Department of Health and Human Services (“HHS”) security and privacy guidance and oversight in protecting...more

Small-Breach Focus Shows Growing Scope Of HIPAA Probes

Flexing yet more enforcement muscle under the Health Insurance Portability and Accountability Act, on Aug. 18, 2016, the U.S. Department of Health and Human Services Office for Civil Rights announced that it will more widely...more

Outdated Business Associate Agreement Leads to Another Six-Figure HIPAA Settlement

On September 23, 2016, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Care New England Health System (CNEHS) agreed to pay $400,000 and enter into a corrective action plan...more

Healthcare Business Associates

The Health Information Technology for Economic and Clinical Health (“HITECH”) Act modified the Health Insurance Portability and Accountability Act (“HIPAA”) by expanding the definition of Business Associates (“BA”) and their...more

New CMS Guidance on Abuse of Patient Privacy Rights

Last month, I noted recent media reports raising patient privacy concerns due to health care providers’ use of social media in the workplace [The Potentially Dangerous Intersection of Healthcare and Social Media]. It appears...more

UPDATE: Got Data? Actual Harm Not Required for FTC Enforcement Action for Lax Security Measures

As anticipated, things are getting even more exciting with the case previously covered in Password Protected. Specifically, LabMD is appealing the landmark data security case between it and the Federal Trade Commission...more

Yuba Sutter Medical Center Hit With Ransomware

Yuba Sutter Medical Center in California (Yuba Sutter) has notified its patients that it has suffered a recent ransomware attack that caused parts of its network to be incapacitated. As a result, patient files were unable to...more

Employee’s Wife Pleads Guilty to Charges After He Stole Patient Information

The Manhattan District Attorney announced this week that a former employee of Lenox Hill Hospital’s wife plead guilty to grand larceny, identity theft in the first degree, and criminal possession of stolen property after her...more

Healthcare Data Breach Enforcements and Fines At A Glance

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

Is your cybersecurity upgrade FDA reportable?

In today’s marketplace, technology evolves at a rapid rate, and must adapt to changing circumstances, such as threats to cybersecurity. For device companies, some types of modifications to devices post-market - potentially...more

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

Hackers Post Athletes’ Medical and Drug Testing Records Online

Hacking group Fancy Bear, reportedly a Russian group, who allegedly hacked into the Democratic National Committee emails which made headlines, has posted U.S. Olympians’ medical and drug testing records online. Although it...more

Health Care E-Note - September 2016

In an article published in the September 2016 MASA Newsletter, Jim Hoover and Angie Cameron Smith discuss how physicians should properly respond to subpoenas and requests for patients’ health information. They stress how...more

LabMD Seeks To Stay FTC Decision Related To Evidence Of Consumer Harm Pending Appeal

LabMD—a medical testing lab that, the Federal Trade Commission (“FTC”) alleged, exposed consumer personal information through a peer-to-peer (“P2P”) file-sharing network—is now seeking a stay pending its appeal of the FTC’s...more

EndNotes - September 2016 - News for North Carolina's Hospice and Palliative Care Community

Nondiscrimination Final Rule under the ACA Imposes New Requirements on Hospice Agencies - On May 26, 2016, the United States Department of Health and Human Services (HHS), Office of Civil Rights (OCR), issued the...more

Causes of Healthcare Data Breaches

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches...more

Physicians Must Be Cautious When Responding To A Subpoena or Request for Medical Records

Doctors must educate themselves and particularly their staff on the legal obligations to protect the confidentiality of medical records and how to properly respond to subpoenas and requests for patients’ health information....more

September Privacy and Security Updates

Although National Cyber Security Month isn’t until October, September has brought plenty of privacy and security updates that health care companies need to be aware of. In this post, we review guidance from the Office for...more

Department of Education Issues New Guidance on Disclosure of Student Medical Records

The Family Policy Compliance Office at the U.S. Department of Education (the Department) recently released "significant guidance" on the application of the Family Educational Rights and Privacy Act (FERPA) to the release of...more

Don’t Ignore Ransomware Vulnerabilities; You Could Be Violating FTC Act

Last week, the Federal Trade Commission convened a ransomware workshop to discuss the rising epidemic of attacks against U.S. businesses and individuals. In a ransomware attack, a malicious actor tricks a user into...more

Banner Health Suits Raise Significant Questions for Data Breach Class Actions

Banner Health recently announced that hackers may have gained “unauthorized access to patient information” and “payment card data” from approximately 3.7 million patients, health plan members, food and beverage customers, and...more

Centers for Medicare and Medicaid Services Issues Emergency Preparedness Requirements That Address Cyber-Attacks

The Centers for Medicare and Medicaid Services (“CMS”) issued a final rule on September 8th, 2016 establishing national emergency preparedness requirements for providers and suppliers participating in Medicare and Medicaid in...more

OCR Continues to Strengthen HIPAA Enforcement Efforts

The United States Department of Health and Human Services Office for Civil Rights ("OCR") sent a strong HIPAA enforcement message this summer, entering four resolution agreements, including the highest financial settlement to...more

CMS Warns Against Social Media Postings Involving Nursing Facility Residents

In an August 5, 2016, Survey and Certification memorandum to state Survey Agency Directors, the Centers for Medicare and Medicaid Services (CMS) directs surveyors of nursing facilities on matters relating to the use of social...more

Information From 700+ Patients Stolen from LAC+USC Medical Center

Los Angeles County-USC Medical Center (LAC+USC) has notified patients that the protected health information of over 700 patients seen in the LAC+USC neurosurgery clinic was stolen from an employee’s car. The information,...more

2,336 Results
|
View per page
Page: of 94

Follow Privacy Updates on:

JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×