Corrective Actions

News & Analysis as of

Client Alert - The Government Makes a Business Associate Pay: What HIPAA Covered Entities and Business Associates Can Learn from...

The government has entered into its first settlement with a HIPAA business associate, including a $650,000.00 monetary penalty, ushering in a new period of enforcement for third parties who use Protected Health Information...more

Breach of ePHI Results in $2.7 Million Fine

Oregon Health & Science University (“OHSU”) has paid $2.7 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle allegations that it violated the Health Insurance Portability...more

Innovation in Compliance Week- Part IV: Innovation Through Continuous Improvement

What is the intersection of innovation in your compliance program and the requirements of an effective compliance program? I find the answer to be found in Hallmark 10 of the Ten Hallmarks of an Effective Compliance Program...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

First Ever OCR Settlement of Enforcement Action against HIPAA Business Associate Due to PHI Breach

On June 30, the Office of Civil Rights (OCR) announced the first HIPAA settlement agreement with a business associate. This follows recent settlements with two HIPAA covered entities under HIPAA due, in large part, to the...more

Entity Fined $650,000 in First HIPAA Settlement with a Business Associate

The possibility of business associates potentially being audited, investigated, and ultimately fined is now a reality. On June 24, 2016, the United States Department of Health and Human Services’ Office of Civil Rights...more

HHS Brings Landmark HIPAA Enforcement Action Against a Business Associate for Alleged Data Security Failures

On June 29, 2016, the U.S. Department of Health and Human Services (HHS) announced a Resolution Agreement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), settling charges that CHCS failed to...more

Business Associate Settles HIPAA Investigation for $650,000

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

Massachusetts General Hospital vendor Patterson Dental Supply reports breach of 4,300 patient records

Patterson Dental Supply, Massachusetts General Hospital’s (MGH) vendor that provides software to the hospital to manage dental practice information, has reportedly admitted that approximately 4,300 of MGH’s patient records...more

MSHA Announces Proposed Rule on Workplace Exams

Last week, MSHA released its Proposed Rule for the Examinations of Working Places in Metal and Nonmetal Mines in the Federal Register, the Proposed Rule was formally published on June 8, 2016. The Proposed Rule addresses...more

MSHA Issues New Workplace Exam Proposed Rule

The Mine Safety and Health Administration (MSHA) announced today that it was issuing a notice of proposed rulemaking that will amend the Workplace Examination regulation at 30 C.F.R. § 56.18002 (Surface) and § 57.18002...more

New Proposed Rule from the CFPB Paves Way for Massive Increase in Class Actions Suits Against Financial Institutions

Last week, the Consumer Financial Protection Bureau (“CFPB”) issued a proposed rule which would prohibit mandatory arbitration provisions in millions of banking contracts, including contracts with consumers for credit cards...more

Spring Showers Bring HIPAA Breaches

OCR has announced several recent settlement agreements to resolve violations of the Health Insurance Portability and Accountability Act (“HIPAA”). These settlement amounts range from $25,000 to $3.9 million dollars and...more

CPSC Recall Snapshot: April 2016

Welcome to the April edition of the Alston & Bird CPSC Recall Snapshot. Last month, Administrative Law Judge Dean C. Metry issued a ruling against the CPSC in litigation with Zen Magnets over its small-diameter magnetic...more

Improper Disclosure of Research Information Results in $3.9 Million Settlement

On March 17, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that the Feinstein Institution for Medical Research (“Feinstein”) agreed to pay $3.9 million to resolve...more

Phase 2 of HIPAA Compliance Audits Now Underway

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (DHHS) recently announced that it has initiated Phase 2 of its audit program to assess Covered Entities’ and Business Associate’s...more

CPSC Pledges Higher Penalties

Earlier this month, CPSC Chair Elliot Kaye told regulators, industry, and lawyers about the CPSC’s priorities for the coming year. At the top of the list were increased civil penalties for failure to report potentially...more

Pay Attention to Business Associate Agreements!

For our HIPAA-covered entity readers, we have asked these questions before: Have you taken a business associate inventory? Have you undertaken a comprehensive risk assessment as required by HIPAA?...more

OCR Announces Two Significant HIPAA Breach Settlements

On consecutive days, the Office of Civil Rights (“OCR”) of the Department of Health and Human Services (“HHS”) recently announced two large HIPAA breach settlements. On March 16, 2016, OCR announced that it entered into a...more

Seven-Figure Settlement Reinforces Necessity of Business Associate Agreements

On March 16, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that North Memorial Health Care of Minnesota (“Memorial”) agreed to pay $1.55 million to resolve allegations that...more

Don’t Neglect Your Business Associate Agreements!

As we have repeatedly emphasized on this blog, HIPAA Covered Entities must ensure that they have compliant business associate agreements (“BAAs”) in place with all of their business associates and must ensure that they have...more

CPSC Representatives Lay Out Active Agenda

At the International Consumer Product Health and Safety Organization (ICPHSO) conference in D.C. last week, Chairman Elliot Kaye and other CPSC representatives raised eyebrows with an active agenda, which included proposed...more

Physical therapy provider’s patient testimonials lead to $25,000 OCR settlement and admission of civil liability

On February 16, 2016, the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced that it had entered into an agreement with Complete P.T., Pool & Land Physical Therapy, Inc. (CPT), a physical...more

After a Strong Enforcement Presence in 2015, OCR Starts 2016 with a $239,000 Civil Money Penalty Judgment

It has been a busy winter for the US Department of Health and Human Service, Office for Civil Rights (“OCR”). Since November 2015, the agency has announced three settlements and one civil money penalty judgment amounting to...more

Ask the Health Law Gurus™: What Is a Civil Monetary Penalty and How Is It Different from an OCR Settlement?

The Health Law Gurus™ are here to help you stay current on issues and breaking news in health law. To help you stay up-to-date, we are excited to announce our new segment, “Ask the Health Law Gurus™.” Each month, we will...more

86 Results
|
View per page
Page: of 4
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×