News & Analysis as of

OCR Annual Report Highlights Breaches Of Unsecured Protected Health Information

The Health Information Technology for Economic and Clinical Health Act ("HITECH") requires Covered Entities and Business Associates to provide notification of breaches of unsecured Protected Health Information. The Department...more

Health Care Entity Pays $150,000 to HHS as a Result of Stolen Thumb Drive Containing PHI

Encrypting USB drives, analyzing security risks, and implementing breach notification policies and procedures could mean the difference between compliance with the Health Insurance Portability and Accountability Act (“HIPAA”)...more

Dermatology Practice Agrees to Settlement in Connection with HIPAA Breach

A Massachusetts-based dermatology practice recently agreed to pay $150,000 to settle claims that it failed to have sufficient policies and procedures in place to address a breach notification requirement under the HITECH Act....more

HHS Announces First HIPAA Settlement Based on Lack of Breach Notification Policies and Procedures

The Department of Health and Human Services (HHS) recently announced the first settlement under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) based on violations of the law's privacy, security,...more

Settlement Reached Regarding Dermatology Practice’s HIPAA Violation

Adult and Pediatric Dermatology (A&P Dermatology) of Concord, Massachusetts has entered into a resolution agreement with the Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance...more

Providers: Prepare Your Breach Notification Policy!

On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and...more

HHS Gives A Thumbs Down For Stolen Thumb Drive

On December 26, 2013, the U.S. Department of Health and Human Services Office for Civil Rights (HHS) announced that it had reached an agreement with a Northeastern dermatology practice to settle potential HIPAA violations...more

HHS Closes Out 2013 with 6th Resolution Agreement

Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs....more

HIPAA Compliance And September 23, 2013 — The Day The World Did NOT End

Everyone old enough to remember will recall Y2K – the year our world was supposed to end in a catastrophic transition from December 31, 1999 to January 1, 2000. Instead, since we are still here, we all recall what happened –...more

Cloud Computing: Healthcare Issues in a Digital Age – (Part Two)

Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more

Under The New HIPAA Regime, A Lost Laptop Costs $1.5 Million But A Leased Photocopier Costs Almost As Much

Nearly one year after a Massachusetts provider paid $1.5 million to settle potential HIPAA violations for the theft of an unencrypted laptop containing protected health information (PHI), providers are reminded once again of...more

New HIPAA Deadline Around the Corner: Be Prepared!

Don’t look now, but another HIPAA deadline is just around the corner. As we noted last month, the deadline is looming for employer-sponsored health benefit plans to come into compliance with U.S. Department of Health...more

A Federal District Court in Florida Finds Hospital System Properly Terminated a Professional Services Contract for a HIPAA Breach

The U.S. District Court for the Southern District of Florida found on June 20, 2013 that defendant Community Health Systems, Inc., and its affiliated hospital, Salem Hospital (collectively, “CHS”) properly terminated a...more

Checklist for Covered Entities and Business Associates

As the countdown to the compliance deadline for the Health Information Technology for Economic and Clinical Health (HITECH) Act Omnibus Rule begins, we offer the following as a reminder of tasks that covered entities,...more

HIPAA — Countdown to New Regulations

The new HIPAA regulations become effective on September 23, 2013. Many health care providers have been focused on revising business associate agreements and getting them signed up. Keep in mind that new business associate...more

15 Results
|
View per page
Page: of 1