News & Analysis as of

Compliance Data Security Department of Health and Human Services (HHS)

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Holland & Knight LLP

What HIPAA Security Rule Surprises Await Healthcare Providers for the Second Half of 2024?

Holland & Knight LLP on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more

Epiq

Healthcare Organizations Can Meet New HHS Cybersecurity Goals with the Help of Tabletop Exercises

Epiq on

In today’s digital age, securing sensitive healthcare data is paramount. With the rise in cyber threats targeting healthcare organizations, the Department of Health and Human Services (HHS) has taken proactive steps to...more

Robinson+Cole Health Law Diagnosis

Forecasting the Integration of AI into Health Care Compliance Programs

Health care entities maintain compliance programs in order to comply with the myriad changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

Saul Ewing LLP

NYC Hospital Agrees to Pay $4.75 Million as Part of a HIPAA Settlement

Saul Ewing LLP on

On February 6, 2024, the HHS Office for Civil Rights (“OCR”) announced a settlement with Montefiore Medical Center (“MMC”) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more

BakerHostetler

HHS Publishes ‘Voluntary’ Healthcare Cybersecurity Performance Goals in Record Time but Leaves Questions Unanswered

BakerHostetler on

As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more

Health Care Compliance Association (HCCA)

‘An Unknown Individual Walked In’: Protecting Against Telehealth Risks Includes Non-IT Threats

The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Health Care Compliance Association (HCCA)

[Event] 2023 Board & Audit Committee Compliance Conference - October 23rd - 24th, Fort Lauderdale, FL

Discover today's best practices for your role in healthcare compliance oversight - The Office of Inspector General of Health and Human Services expects healthcare board members, board audit/compliance committee members,...more

Harris Beach PLLC

There’s an app for that! But is your health care app in compliance?

Harris Beach PLLC on

The health care industry is increasingly adopting mobile apps for a variety of purposes, including tracking patient health conditions and sharing patient data. Privacy and security are important considerations, and it is...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 23, Number 2. ONC’s Tripathi: HIPAA Doesn’t Impede Sharing, Requirements Under Info Blocking...

Report on Patient Privacy Volume 23, no 2 (February 2023) When Micky Tripathi’s mom was recently transferred to a rehab facility to recover from a broken hip, the hospital, “right in front of me…printed off her record,...more

Stoel Rives - Health Law Insider®

New Proposed Part 2 Rules Aim for Greater HIPAA Alignment

Long before enactment of HIPAA, substance use disorder (“SUD”) treatment records have enjoyed confidentiality protections under 42 C.F.R. Part 2 (“Part 2”). Since HIPAA/HITECH and related regulations went into effect, SUD...more

Health Care Compliance Association (HCCA)

[Virtual Event] Richmond Regional Healthcare Compliance Conference - December 9th, 8:25 am - 4:30 pm EST

General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more

Health Care Compliance Association (HCCA)

[Event] Denver Regional Healthcare Compliance Conference - October 15th, Denver, CO

Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more

Holland & Knight LLP

Get Ready for HIPAA Questions on Your Recognized Security Practices

Holland & Knight LLP on

An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more

Alston & Bird

New Law Requires HHS to Consider Recognized Security Practices as Mitigating Factor When Determining Penalties

Alston & Bird on

On January 5, 2021, the president signed into law H.R. 7898, an Act that amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Secretary of Health and Human Services (HHS) to...more

Health Care Compliance Association (HCCA)

[Virtual Event] 2021 Regional Healthcare Compliance Conference - St. Louis, MO - February 26th, 8:25 am - 4:30 pm CST

Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more

Health Care Compliance Association (HCCA)

[Event] Virtual 2020 New York Regional Conference - May 8th, New York, NY

Regional Virtual Healthcare Compliance Conference Overview - Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your...more

Foley & Lardner LLP

Compliance: Top Takeaways from Foley and PYA’s Annual “Let’s Talk Compliance” Event

Foley & Lardner LLP on

For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more

Society of Corporate Compliance and Ethics...

[Event] Regional Compliance & Ethics Conference - February 27th - 28th, Anchorage, AK

This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more

Bilzin Sumberg

Alphabet Soup and Data Security

Bilzin Sumberg on

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

Robinson+Cole Data Privacy + Security Insider

OCR portal designed for medical mobile app developers

The Office for Civil Rights (OCR) of the Department of Health and Human Services has launched a web based portal so medical mobile app developers can ask their “burning” questions about HIPAA compliance....more

Orrick, Herrington & Sutcliffe LLP

Privacy, Security, Risk: What You Missed At IAPP Conference

Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more

King & Spalding

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

34 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide