News & Analysis as of

Business Associates Department of Health and Human Services (HHS) Today's Popular Updates

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Goodwin

HHS-OCR Publishes Final HIPAA Privacy Rule Expanding Reproductive Health Care Privacy and Further Supporting Patient...

Goodwin on

On April 26, 2024, almost a year after issuing a notice of proposed rulemaking to modify the Privacy Rule, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) finalized the HIPAA Privacy Rule to...more

BCLP

New HHS Guidance on Cookies

BCLP on

On March 18, 2024, the Office of Civil Rights (“OCR”) within the Department of Health and Human Services (“HHS”) updated prior guidance concerning the use of online tracking technologies, including cookies, by Covered...more

Epstein Becker & Green

HHS Publishes Final Rule to Support Reproductive Health Care Privacy

Epstein Becker & Green on

The Supreme Court’s 2022 decision in Dobbs v. Jackson Women’s Health Organization to eliminate the federal constitutional right to abortion continues to alter the legal landscape across the country. On April 26, 2024, the...more

Holland & Knight LLP

What HIPAA Security Rule Surprises Await Healthcare Providers for the Second Half of 2024?

Holland & Knight LLP on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more

Health Care Compliance Association (HCCA)

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

Health Care Compliance Association (HCCA) on

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Wilson Sonsini Goodrich & Rosati

OCR at HHS Updates Guidance on Use of Online Tracking Technology by HIPAA-Regulated Entities

Wilson Sonsini Goodrich & Rosati on

On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health...more

Saul Ewing LLP

Business Associate Agrees to $100,000 Settlement Following Cyber Attack

Saul Ewing LLP on

On Halloween, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $100,000 settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Doctors’...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Health Care Compliance Association (HCCA)

2022 Outlook: More Dangerous Ransomware Coupled With Inadequate Security Practices

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more

Health Care Compliance Association (HCCA)

Facing Escalating Attacks, AHA Presses OCR to Expedite Security Practices Rule

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 12 (December, 2021) - Amid the letters of congratulations to new HHS Office for Civil Rights (OCR) Director Lisa Pino is a plea from the American Hospital Association (AHA): “victims” of...more

Health Care Compliance Association (HCCA)

OCR Investigator: Goal Is to Uncover ‘Root Cause,’ Remedy Harm From Violations

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 5 (May 2021) - Given the hundreds of thousands of HIPAA covered entities (CEs) and business associates (BAs) and the two dozen or so enforcement actions the HHS Office for Civil Rights...more

McGuireWoods LLP

HHS Expands HIPAA Enforcement Discretion During COVID-19

McGuireWoods LLP on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued further notifications of enforcement discretion related to compliance with the Health Insurance Portability and Accountability Act of...more

Manatt, Phelps & Phillips, LLP

HHS Grants New Flexibility for Business Associates to Use PHI for Public Health and Health Oversight

Manatt, Phelps & Phillips, LLP on

The Big Picture - On April 2, the U.S. Department of Health and Human Services (HHS) issued a public notice (the Notice) stating that the department will not impose penalties under the Health Insurance Portability and...more

Robinson+Cole Data Privacy + Security Insider

HHS Issues Timely Reminder of Applicability of HIPAA to Outbreak Situations

Robinson+Cole Data Privacy + Security Insider on

On February 3, 2020, the U.S. Department of Health and Human Services (HHS) issued a bulletin (the Bulletin) to remind covered entities and business associates of how patient information may be shared under HIPAA in the event...more

Alston & Bird

White Paper on Privacy Issues in Proposed New National Medical Claims Database

Alston & Bird on

Prof. Peter Swire, Elizabeth and Thomas Holder Chair at the Georgia Tech Scheller College of Business and Senior Counsel at Alston & Bird, has published a new white paper on “Possible Privacy, Cybersecurity, and Data Breach...more

Shumaker, Loop & Kendrick, LLP

Client Alert: The Lack of an Adequate HIPAA Security Risk Assessment is a Common and Costly Mistake by Healthcare Providers: What...

Shumaker, Loop & Kendrick, LLP on

Health care providers and others who must comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) have specific requirements under the Security Rule to HIPAA when it comes to their mainte-nance...more

Sheppard Mullin Richter & Hampton LLP

Cybersecurity, Inside Jobs, Outside Jobs, and HIPAA

Sheppard Mullin Richter & Hampton LLP on

According to a February 12, 2019 Press Release from Protenus, a developer of analytics for patient privacy monitoring and compliance, 15,085,302 patient records were breached in 2018 – a startling number made even more...more

Baker Donelson

More Help for Health Care Organizations: HHS Releases Voluntary Cybersecurity Practices Developed with Industry Input

Baker Donelson on

On Friday, December 28, 2018, the Department of Health and Human Services (HHS) released several documents, including the "Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients," an...more

Baker Donelson

Changes to the Security Risk Assessment (SRA) Tool Require Attention

Baker Donelson on

The HHS Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) released an updated Security Risk Assessment (SRA) Tool this week. All covered entities and business...more

Davis Wright Tremaine LLP

Is OCR Moving the Goal Posts on Vendor Management?

Davis Wright Tremaine LLP on

Recent statements at the 27th National HIPAA Summit suggest that the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) may be changing its position and expecting a greater level of vendor due...more

Saul Ewing LLP

2017 Closes with $2 Million HIPAA Settlement

Saul Ewing LLP on

On December 28, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that 21st Century Oncology, Inc. (21CO) agreed to pay $2.3 Million in lieu of potential civil money...more

Jackson Lewis P.C.

Lessons To Be Learned From The Breach Of Nearly 500,000 Individual Health Records Reported In September 2017

Jackson Lewis P.C. on

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the...more

Latham & Watkins LLP

How Can Healthcare Organizations Prepare for the Next Cyberattack?

Latham & Watkins LLP on

HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more

Balch & Bingham LLP

My Entity Just Experienced a Cyber-Attack! What Do We Do Now?

Balch & Bingham LLP on

On June 9, 2017, the U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) released a cyber-attack “Quick Response” checklist (the Checklist) for the benefit of HIPAA covered entities and business...more

42 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide