Corrective Actions

News & Analysis as of

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

Virginia DEQ to Revise Risk Assessment Protocols

The Virginia Department of Environmental Quality (“DEQ”) is preparing to implement revised risk assessment protocols for many of its site cleanup programs. DEQ’s new approach is called the Virginia Unified Risk Assessment...more

Office of Civil Rights Posts HIPAA Phase II Audit Guidance and Advocate Health Care Settlement Information

The Office of Civil Rights (OCR) recently uploaded two items of interest: information regarding the largest penalty to date against a single entity, Advocate Health Care Network (Advocate), and HIPAA Phase II Desk Audit...more

Bid Protests in Government Contracts: 17.5 Billion Reasons Why They Continue to Rise

One of the reasons for the increase in protests no doubt is agency corrective action. Looking at GAO protest sustain rates is misleading, because it excludes instances where an agency decides on its own to fix a perceived...more

Largest HIPAA Settlement Announced Against A Single Entity: $5.55 Million

On August, 4, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Advocate Health Care Network (Advocate) agreed to pay a settlement amount of $5.55 million and adopt a...more

HIPAA News: HHS Getting Tough On ePHI Data Breaches

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more

6th Circuit Joins Majority, Accepting "Materialization of the Risk"

Last month, the 6th Circuit joined the majority view recognizing the “materialization of the risk” theory of loss-causation as an alternative to “corrective-disclosure” in securities litigation under Rule 10b-5....more

Two Multi-Million Dollar HIPAA Settlements Emphasize Importance of a Comprehensive Security Program

The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced two settlements of more than $2 million each with respect to alleged violations of the Health Insurance Portability and...more

CFPB Supervisory Highlights – January 2016 to April 2016

On June 30, 2016, the Consumer Financial Protection Bureau (“CFPB”) released the twelfth edition of its Supervisory Highlights report (“Report”), which focused on supervision work completed between January and April 2016. The...more

OCR Announces First HIPAA Enforcement Action against a Business Associate

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

Client Alert - The Government Makes a Business Associate Pay: What HIPAA Covered Entities and Business Associates Can Learn from...

The government has entered into its first settlement with a HIPAA business associate, including a $650,000.00 monetary penalty, ushering in a new period of enforcement for third parties who use Protected Health Information...more

Breach of ePHI Results in $2.7 Million Fine

Oregon Health & Science University (“OHSU”) has paid $2.7 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle allegations that it violated the Health Insurance Portability...more

Innovation in Compliance Week- Part IV: Innovation Through Continuous Improvement

What is the intersection of innovation in your compliance program and the requirements of an effective compliance program? I find the answer to be found in Hallmark 10 of the Ten Hallmarks of an Effective Compliance Program...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

First Ever OCR Settlement of Enforcement Action against HIPAA Business Associate Due to PHI Breach

On June 30, the Office of Civil Rights (OCR) announced the first HIPAA settlement agreement with a business associate. This follows recent settlements with two HIPAA covered entities under HIPAA due, in large part, to the...more

Entity Fined $650,000 in First HIPAA Settlement with a Business Associate

The possibility of business associates potentially being audited, investigated, and ultimately fined is now a reality. On June 24, 2016, the United States Department of Health and Human Services’ Office of Civil Rights...more

HHS Brings Landmark HIPAA Enforcement Action Against a Business Associate for Alleged Data Security Failures

On June 29, 2016, the U.S. Department of Health and Human Services (HHS) announced a Resolution Agreement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), settling charges that CHCS failed to...more

Business Associate Settles HIPAA Investigation for $650,000

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

Massachusetts General Hospital vendor Patterson Dental Supply reports breach of 4,300 patient records

Patterson Dental Supply, Massachusetts General Hospital’s (MGH) vendor that provides software to the hospital to manage dental practice information, has reportedly admitted that approximately 4,300 of MGH’s patient records...more

MSHA Announces Proposed Rule on Workplace Exams

Last week, MSHA released its Proposed Rule for the Examinations of Working Places in Metal and Nonmetal Mines in the Federal Register, the Proposed Rule was formally published on June 8, 2016. The Proposed Rule addresses...more

MSHA Issues New Workplace Exam Proposed Rule

The Mine Safety and Health Administration (MSHA) announced today that it was issuing a notice of proposed rulemaking that will amend the Workplace Examination regulation at 30 C.F.R. § 56.18002 (Surface) and § 57.18002...more

New Proposed Rule from the CFPB Paves Way for Massive Increase in Class Actions Suits Against Financial Institutions

Last week, the Consumer Financial Protection Bureau (“CFPB”) issued a proposed rule which would prohibit mandatory arbitration provisions in millions of banking contracts, including contracts with consumers for credit cards...more

Spring Showers Bring HIPAA Breaches

OCR has announced several recent settlement agreements to resolve violations of the Health Insurance Portability and Accountability Act (“HIPAA”). These settlement amounts range from $25,000 to $3.9 million dollars and...more

CPSC Recall Snapshot: April 2016

Welcome to the April edition of the Alston & Bird CPSC Recall Snapshot. Last month, Administrative Law Judge Dean C. Metry issued a ruling against the CPSC in litigation with Zen Magnets over its small-diameter magnetic...more

Improper Disclosure of Research Information Results in $3.9 Million Settlement

On March 17, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that the Feinstein Institution for Medical Research (“Feinstein”) agreed to pay $3.9 million to resolve...more

96 Results
|
View per page
Page: of 4
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×