Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

Office for Civil Rights Selects Vendor for Next Round of HIPAA Audits – Five Things You Should Do to Prepare

The Office for Civil Rights (“OCR”) has selected Ashburn, Virginia-based FCi Federal to conduct the next round of HIPAA audits mandated by the HITECH Act. OCR views the audits as a compliance tool that will hopefully get out...more

[Webinar] Mobile Device Management for Health Care Organizations and Vendors - Sept. 10th, 10:00am PDT

In this webinar, we will demystify the HIPAA Security Rule and how to apply the administrative, physical, and technical safeguards in a mobile environment. We will discuss key takeaways from the recently released NIST Draft...more

Physician Group to Pay $750,000 to Settle a HIPAA Violation

In August 2012, a Physician Group—comprising of nearly 20 physicians—reported its HIPAA breach to HHS, which resulted from a laptop bag containing the employee’s laptop and a computer server backup being stolen from an...more

Maryland AG settles with Visionworks over security practices

Using the Maryland Consumer Protection Act, Maryland Attorney General Brian Frosh has announced that eye care retailer Visionworks, Inc. has agreed to pay the state of Maryland $100,000 and enhance its security measures...more

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

NIST Standards Provides An Oasis Of Mobile Device Security In The EHR Desert

The healthcare industry has long awaited some certainty in the arena of mobile devices in light of the continued push for electronic health records (“EHR”) and coordinated care. The prevalence, convenience, and speed of such...more

FCC Sheds New Light on TCPA’s Exemption for Healthcare-Related Calls

As we have previously reported, the Federal Communications Commission (“FCC”) issued a Declaratory Ruling and Order (“Order”) on July 10, 2015, clarifying several sections of the Telephone Consumer Protection Act (“TCPA”) and...more

St. Elizabeth’s Medical Center Pays $218,400 to Settle Alleged HIPAA Security Case Stemming from Use of Cloud-Based Document...

Alleged HIPAA Violations Resulted from Medical Center’s Failure to Risk Assess Internet-Based Document Sharing Application and Inadequate Breach Response. The US Department of Health and Human Services (HHS) Office for...more

Security Frameworks 101: Which is Right for my Organization?

These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that their security profile is adequate. It can certainly help to...more

Ask But Don’t Tell: Kentucky Allows Defendant to Seek Ex Parte Interviews of Plaintiff’s Treating Physicians

We walked into the Drug and Device Law Rock Climber’s room last night to find her packing for her return to college while the ignored TV blared in the background. Onscreen was a popular cable reality franchise involving...more

When the Government Comes Knocking

This article will provide an outline of some of the most significant points for hospitals to use when confronted with a formal government investigation under the Criminal or Civil False Claims Act. As noted below, you should...more

Back to School – HIPAA 101

After a summer that saw major data breaches at the Office of Personnel Management and UCLA Health System, this fall is a great time to take your organization back to school on HIPAA compliance and data security. Here are...more

Responding to Subpoenas and Other Requests for Personal Health Information: Take Them at Face Value

Healthcare providers and other HIPAA covered entities receive requests for protected health information (“PHI”) from a variety of sources on a daily basis. Such requests can range from informal requests made during the course...more

Under the Thumb: Regulatory Compliance When Outsourcing Cybersecurity Management

Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More...more

Corridors September 2015 - News for North Carolina Hospitals

This article will provide an outline of some of the most significant points for hospitals to use when confronted with a formal government investigation under the Criminal or Civil False Claims Act. As noted below, you should...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Healthcare Legal News: Volume 5, Number 3

RESPONDING TO SUBPOENAS AND OTHER REQUESTS FOR PERSONAL HEALTH INFORMATION: TAKE THEM AT FACE VALUE - Healthcare providers and other HIPAA covered entities receive requests for protected health information (“PHI”) from...more

Health Update - August 2015

Five Lessons From 2015 Healthcare Deals - In 2015, we already have seen a great deal of activity in healthcare transactions that is attracting antitrust scrutiny, with mixed results. Among the winners have been Cabell...more

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

Six Ways for Data-Driven Medical Device Companies to Implement Effective Privacy and Security Measures

The increasing amounts of health information being generated, stored and collected have heightened the special risks medical device manufacturers have long faced. In addition to the nexus to patient health and safety, if a...more

Hacking Your Health: For Healthcare Providers, Risk Analysis Must Be Ongoing

Healthcare providers would be wise to keep in mind that if a patient is harmed by a hacked medical device, Exhibit A in the negligence suit against them may be that provider’s risk analysis, or lack thereof....more

Seventh Circuit rules hospital system is not a Consumer Reporting Agency under FCRA

Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more

An Analysis of Urinalysis—Considerations for Health Providers

Urinalysis, also referred to as urine drug screening, is an important procedure that health providers use for several reasons: to monitor patients’ medication compliance, detect drug abuse, or identify the presence of...more

A Cruise Aboard the Love Boat is Not Protected by the FMLA, Even When the Doc Says It's a Good Idea

This post has nothing to do with Netflix and its new, generous parental leave policy. Or GOP presidential candidate Carly Fiorina’s latest position on paid leave. Sorry to disappoint. But it does involve an exotic...more

Privacy Tuesday – August 2015: Three Bytes for End of Summer

It’s Privacy Tuesday again – and summer is winding down. Here are three bytes of privacy/security information to start your week...more

1,005 Results
|
View per page
Page: of 41

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×