News & Analysis as of September 22, 2024

Department of Health and Human Services (HHS)

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

What HIPAA Security Rule Surprises Await Healthcare Providers for the Second Half of 2024?

Holland & Knight LLP on 5/14/2024

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more

Healthcare Organizations Can Meet New HHS Cybersecurity Goals with the Help of Tabletop Exercises

Epiq on 5/7/2024

In today’s digital age, securing sensitive healthcare data is paramount. With the rise in cyber threats targeting healthcare organizations, the Department of Health and Human Services (HHS) has taken proactive steps to...more

Forecasting the Integration of AI into Health Care Compliance Programs

Robinson+Cole Health Law Diagnosis on 4/12/2024

Health care entities maintain compliance programs in order to comply with the myriad changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial...more

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on 3/15/2024

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

NYC Hospital Agrees to Pay $4.75 Million as Part of a HIPAA Settlement

Saul Ewing LLP on 2/13/2024

On February 6, 2024, the HHS Office for Civil Rights (“OCR”) announced a settlement with Montefiore Medical Center (“MMC”) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more

HHS Publishes ‘Voluntary’ Healthcare Cybersecurity Performance Goals in Record Time but Leaves Questions Unanswered

BakerHostetler on 2/9/2024

As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more

‘An Unknown Individual Walked In’: Protecting Against Telehealth Risks Includes Non-IT Threats

Health Care Compliance Association (HCCA) on 2/9/2024

The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more

Privacy Briefs: November 2023

Health Care Compliance Association (HCCA) on 11/10/2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on 10/6/2023

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

[Event] 2023 Board & Audit Committee Compliance Conference - October 23rd - 24th, Fort Lauderdale, FL

Health Care Compliance Association (HCCA) on 6/30/2023

Discover today's best practices for your role in healthcare compliance oversight - The Office of Inspector General of Health and Human Services expects healthcare board members, board audit/compliance committee members,...more

There’s an app for that! But is your health care app in compliance?

Harris Beach PLLC on 2/20/2023

The health care industry is increasingly adopting mobile apps for a variety of purposes, including tracking patient health conditions and sharing patient data. Privacy and security are important considerations, and it is...more

Report on Patient Privacy Volume 23, Number 2. ONC’s Tripathi: HIPAA Doesn’t Impede Sharing, Requirements Under Info Blocking...

Health Care Compliance Association (HCCA) on 2/16/2023

Report on Patient Privacy Volume 23, no 2 (February 2023) When Micky Tripathi’s mom was recently transferred to a rehab facility to recover from a broken hip, the hospital, “right in front of me…printed off her record,...more

New Proposed Part 2 Rules Aim for Greater HIPAA Alignment

Stoel Rives - Health Law Insider® on 2/7/2023

Long before enactment of HIPAA, substance use disorder (“SUD”) treatment records have enjoyed confidentiality protections under 42 C.F.R. Part 2 (“Part 2”). Since HIPAA/HITECH and related regulations went into effect, SUD...more

[Virtual Event] Richmond Regional Healthcare Compliance Conference - December 9th, 8:25 am - 4:30 pm EST

Health Care Compliance Association (HCCA) on 11/9/2022

General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more

[Event] Denver Regional Healthcare Compliance Conference - October 15th, Denver, CO

Health Care Compliance Association (HCCA) on 9/9/2021

Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more

Get Ready for HIPAA Questions on Your Recognized Security Practices

Holland & Knight LLP on 8/31/2021

An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more

New Law Requires HHS to Consider Recognized Security Practices as Mitigating Factor When Determining Penalties

Alston & Bird on 1/22/2021

On January 5, 2021, the president signed into law H.R. 7898, an Act that amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Secretary of Health and Human Services (HHS) to...more

[Virtual Event] 2021 Regional Healthcare Compliance Conference - St. Louis, MO - February 26th, 8:25 am - 4:30 pm CST

Health Care Compliance Association (HCCA) on 1/19/2021

Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more

[Event] Virtual 2020 New York Regional Conference - May 8th, New York, NY

Health Care Compliance Association (HCCA) on 4/21/2020

Regional Virtual Healthcare Compliance Conference Overview - Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your...more

Compliance: Top Takeaways from Foley and PYA’s Annual “Let’s Talk Compliance” Event

Foley & Lardner LLP on 2/11/2020

For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more

[Event] Regional Compliance & Ethics Conference - February 27th - 28th, Anchorage, AK

Society of Corporate Compliance and Ethics... on 2/6/2020

This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more

Alphabet Soup and Data Security

Bilzin Sumberg on 10/19/2015

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

OCR portal designed for medical mobile app developers

Robinson+Cole Data Privacy + Security Insider on 10/16/2015

The Office for Civil Rights (OCR) of the Department of Health and Human Services has launched a web based portal so medical mobile app developers can ask their “burning” questions about HIPAA compliance....more

Privacy, Security, Risk: What You Missed At IAPP Conference

Orrick, Herrington & Sutcliffe LLP on 10/15/2015

Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on 10/12/2015

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

34 Results

View per page

Page: of 2

Compliance › Data Security › Department of Health and Human Services (HHS)

"My best business intelligence, in one easy email…"