Health Privacy

Read need-to-know updates, commentary, and analysis on Health issues written by leading professionals.
News & Analysis as of

Employee’s Wife Pleads Guilty to Charges After He Stole Patient Information

The Manhattan District Attorney announced this week that a former employee of Lenox Hill Hospital’s wife plead guilty to grand larceny, identity theft in the first degree, and criminal possession of stolen property after her...more

Healthcare Data Breach Enforcements and Fines At A Glance

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

Is your cybersecurity upgrade FDA reportable?

In today’s marketplace, technology evolves at a rapid rate, and must adapt to changing circumstances, such as threats to cybersecurity. For device companies, some types of modifications to devices post-market - potentially...more

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

Hackers Post Athletes’ Medical and Drug Testing Records Online

Hacking group Fancy Bear, reportedly a Russian group, who allegedly hacked into the Democratic National Committee emails which made headlines, has posted U.S. Olympians’ medical and drug testing records online. Although it...more

Health Care E-Note - September 2016

In an article published in the September 2016 MASA Newsletter, Jim Hoover and Angie Cameron Smith discuss how physicians should properly respond to subpoenas and requests for patients’ health information. They stress how...more

LabMD Seeks To Stay FTC Decision Related To Evidence Of Consumer Harm Pending Appeal

LabMD—a medical testing lab that, the Federal Trade Commission (“FTC”) alleged, exposed consumer personal information through a peer-to-peer (“P2P”) file-sharing network—is now seeking a stay pending its appeal of the FTC’s...more

EndNotes - September 2016 - News for North Carolina's Hospice and Palliative Care Community

Nondiscrimination Final Rule under the ACA Imposes New Requirements on Hospice Agencies - On May 26, 2016, the United States Department of Health and Human Services (HHS), Office of Civil Rights (OCR), issued the...more

Causes of Healthcare Data Breaches

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches...more

Physicians Must Be Cautious When Responding To A Subpoena or Request for Medical Records

Doctors must educate themselves and particularly their staff on the legal obligations to protect the confidentiality of medical records and how to properly respond to subpoenas and requests for patients’ health information....more

September Privacy and Security Updates

Although National Cyber Security Month isn’t until October, September has brought plenty of privacy and security updates that health care companies need to be aware of. In this post, we review guidance from the Office for...more

Department of Education Issues New Guidance on Disclosure of Student Medical Records

The Family Policy Compliance Office at the U.S. Department of Education (the Department) recently released "significant guidance" on the application of the Family Educational Rights and Privacy Act (FERPA) to the release of...more

Don’t Ignore Ransomware Vulnerabilities; You Could Be Violating FTC Act

Last week, the Federal Trade Commission convened a ransomware workshop to discuss the rising epidemic of attacks against U.S. businesses and individuals. In a ransomware attack, a malicious actor tricks a user into...more

Banner Health Suits Raise Significant Questions for Data Breach Class Actions

Banner Health recently announced that hackers may have gained “unauthorized access to patient information” and “payment card data” from approximately 3.7 million patients, health plan members, food and beverage customers, and...more

Centers for Medicare and Medicaid Services Issues Emergency Preparedness Requirements That Address Cyber-Attacks

The Centers for Medicare and Medicaid Services (“CMS”) issued a final rule on September 8th, 2016 establishing national emergency preparedness requirements for providers and suppliers participating in Medicare and Medicaid in...more

OCR Continues to Strengthen HIPAA Enforcement Efforts

The United States Department of Health and Human Services Office for Civil Rights ("OCR") sent a strong HIPAA enforcement message this summer, entering four resolution agreements, including the highest financial settlement to...more

CMS Warns Against Social Media Postings Involving Nursing Facility Residents

In an August 5, 2016, Survey and Certification memorandum to state Survey Agency Directors, the Centers for Medicare and Medicaid Services (CMS) directs surveyors of nursing facilities on matters relating to the use of social...more

Information From 700+ Patients Stolen from LAC+USC Medical Center

Los Angeles County-USC Medical Center (LAC+USC) has notified patients that the protected health information of over 700 patients seen in the LAC+USC neurosurgery clinic was stolen from an employee’s car. The information,...more

3 Essential Steps For Responding To Ransomware Attacks

Likely because most victims comply with their demands, the incidence of attacks by ransomware hackers has exploded in 2016. Guidance issued by the U.S. Department of Health and Human Services (“HHS”) in July notes that, on...more

Business Associates Beware! OCR Means Business

In June 2016, OCR entered into its first settlement agreement with a business associate, Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), for potential violations of the HIPAA Laws by failing to...more

MedStar Health Cardiology Associates Employee Emails Patient Information to Personal Account and Gets Fired

MedStar Health Cardiology Associates, (“MedStar Cardiology”) affiliated with MedStar Health, which was recently in the news for a ransomware attack, discovered that an employee sent protected health information of 907...more

SCAN Health Plan Notifies Patients of Data Breach Affecting 87,000 Individuals

SCAN Health Plan of California, SCAN Health Plan Arizona, and VillageHealth are in the process of notifying certain plan members and non-plan members of a breach of protected health information, including names, addresses,...more

OCR Sets Sights on Smaller HIPAA Breaches

Covered entities and business associates can expect increased scrutiny for breaches of unsecured protected health information affecting fewer than 500 individuals. Starting August 2016, the U.S. Department of Health and Human...more

France: new rules for processing patient health data

France’s Law for the Modernization of the Health System, adopted earlier this year, applies to all processing of health data for the purpose of evaluating or analyzing medical treatments and preventive actions....more

Orleans Medical Clinic Notifies 6,890 Patients of Data Breach

Orleans Medical Clinic (Orleans) in Indiana has notified the Office for Civil Rights that the protected health information of 6,890 patients was compromised as a result of an upgrade to its server. Orleans is in the process...more

2,330 Results
|
View per page
Page: of 94

Follow Health Updates on:

JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×