Compliance Office of Civil Rights

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
News & Analysis as of

Free HIPAA Help

Health care providers, health plans, business associates, and other entities affected by the federal HIPAA privacy and security regulations are quickly running out of excuses for not having a robust HIPAA compliance program...more

Compliance is No Joke: OCR Releases Security Risk Assessment Tool

On March 28, 2014, the Office of Civil Rights (OCR) announced the release of an online and iPad app-based security risk assessment (SRA) tool. The tool is intended to help health care providers in small to medium sized...more

HHS's New Security Risk Tool for HIPAA Compliance

On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...more

HIPAA Housekeeping - Don't Forget Your Annual Report of Small Breaches

If you are a "covered entity" under the Health Insurance Portability and Accountability Act ("HIPAA") and suffer a breach of protected health information, one of your first reactions should be to count the number of affected...more

Be Prepared – HIPAA Audits are Coming in 2014

Later this year, the Department of Health and Human Services (“DHHS”) is expected to launch its permanent HIPAA Audit Program. The HIPAA Audit Program is authorized under Section 13411 of the HITECH Act, and is designed to...more

Privacy and Security Alert: January 9th, 2014

On December 5, 2013, the Office of Inspector General (OIG) reported on the Office for Civil Rights’ (OCR) compliance as of May 2011 with oversight and enforcement of the Security Rule and compliance with federal cybersecurity...more

It’s Not Enough to Notify: Don’t Forget the Policies, Risk Analyses, and Training

HIPAA compliance ended with a bang in 2013, with the feds issuing the first settlement involving a health provider’s failure to have breach notification policies and procedures in place. On Dec. 24, 2013, the Department of...more

Privacy Monday – September 16, 2013

Dis-Like! Senator Markey Urges the FTC to Investigate Facebook’s New Policies - As we previously reported, Facebook has proposed a number of revisions to its Data Use Policy and Statement of Rights and...more

OCR Guidance to Address HIPAA Marketing Turmoil

In response to a recent lawsuit and outcry from a variety of players in the health care market, the Department of Health and Human Services (“HHS”) has committed to issuing guidance by September 23rd (the compliance date for...more

HIPAA Compliance Date: Sept. 23, 2013

Impending HIPAA Compliance Date - As discussed in prior HIPAA Alerts a final 563-page Omnibus HIPAA Rule was released by the Department of Health and Human Services Office of Civil Rights to strengthen HIPAA’s security...more

The Paradigm Shift In Campus Responses To Sexual Misconduct: From Compliance To Compassion

Over the past several years, there has been growing awareness, public discourse and, at times, unrest about how colleges and universities respond to sexual misconduct. Originally Published in Today’s Campus –...more

HHS OCR Sends Message to CEs and their BAs: Protect ePHI Accessible Over the Internet

In its third resolution agreement of 2013, the Department of Health and Human Services, Office for Civil Rights (HHS OCR) today announced a $1.7 million resolution agreement with WellPoint, Inc., a health insurer and managed...more

Employment Law Blog: Regzilla Stomps Another One! - Idaho State University and the Compliance Gap Analysis

Presumably at this point HIPAA, HITECH and the Omnibus Regulation have been published, digested and everyone is in full compliance with the requirements that have been set forth....more

HIPAA Alert: Action Steps To Reach Compliance

As discussed in two prior HIPAA alerts, a final, 563-page Omnibus HIPAA Rule was released by the Department of Health and Human Services Office of Civil Rights to strengthen HIPAA’s security and privacy protections. The final...more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

McAfee & Taft Healthcare Industry Alert: New HIPAA regulations - Begin your compliance review now

On January 17, 2013, the Department of Health and Human Services issued a final rule amending the Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations and implementing the Health...more

Health Law: HIPAA Omnibus Regulation - I Want to Comply but What Exactly is Compromised Information?

The HIPAA Omnibus Regulation was publicly distributed by HHS last week with today, January 25, being the official publication date. The requirements are effective as of March 26, 2013 with a compliance deadline for almost...more

HIPAA and HITECH Privacy and Security Rule Update: Final Omnibus Rule

The Office of Civil Rights (“OCR”) of the Department of Health and Human Services (“HHS”) published today the much anticipated final omnibus rule implementing the Health Information Technology for Economic and Clinical Health...more

OCR Issues Long-Awaited Omnibus HIPAA/HITECH Rules: Significant Changes for Business Associates and Breach Analysis

The wait is finally over. On January 17, 2013, the U.S. Department of Health & Human Services (HHS), Office for Civil Rights (OCR), issued the final “omnibus” rule modifying the HIPAA Privacy, Security, Breach Notification...more

A Comprehensive Summary of the Final Omnibus HIPAA/HITECH Rules: Key Provisions and What They Mean for You

Executive Summary - On January 25, 2013, the Federal Register will publish final omnibus rules written by the U.S. Department of Health and Human Services (HHS) to modify the HIPAA Privacy, Security, Breach...more

HHS Finalizes Comprehensive Modifications to HIPAA Regulations in Omnibus Final Rule

On Thursday, January 17, 2013, the Department of Health and Human Services Office for Civil Rights (“HHS”) released in pre-publication form the rule commonly known as the “HIPAA Omnibus Rule,” which we refer to below as the...more

HIPAA Final Omnibus Rule Brings “Sweeping Change” to Health Care Industry

On January 17, 2013, the U.S. Department of Health and Human Services (HHS) announced the release of the HIPAA final omnibus rule, which was years in the making. The final rule makes sweeping changes to the HIPAA compliance...more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

HITECH Omnibus Rule Basics

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

Finally! HHS Office of Civil Rights Releases HIPAA Omnibus Rule With Sweeping Changes to Compliance Requirements and Enforcement

The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more

39 Results
|
View per page
Page: of 2