[Webinar] EHS in the Cannabis Industry: What Happens When the E stands for Enforcement?
Pamela Para on Effective Investigations in Healthcare
Susan Roberts on Creating a Compliance Program Book
Reasonable minds can differ
Compliance Perspectives: Risk and the 2020 Compliance & Ethics Institute
How to Assess the Likelihood of Success in Deciding Whether to Bring a Bid Protest
In February 2023, the Brazilian National Data Protection Authority (ANPD) published the rules for the application of sanctions and the methodology for calculating fines for violation of their General Data Protection Law...more
On November 27, 2019 the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a $2.175 million dollar settlement with a hospital system to resolve alleged violations of HIPAA’s Breach...more
The latest HIPAA resolution agreement by the U.S. Department of Health and Human Services Office for Civil Rights (OCR) is a reminder that healthcare providers must take the high road when responding to unflattering online...more
The Office for Civil Rights (OCR) at the Department of Health and Human Services announced it reached a settlement with Elite Dental Associates of Dallas (Elite) to resolve a complaint alleging Elite impermissibly disclosed a...more
On September 9, 2019, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had settled its first ever HIPAA enforcement action arising from alleged violations of the individual...more
Medical Informatics Engineering, Inc. (Medical Informatics) and its wholly-owned subsidiary, NoMoreClipboard, LLC, an electronic medical record and software services provider is now liable for a combined total of $1 million...more
The Office of Civil Rights of the Department of Health and Human Services (OCR) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health care...more
On May 6, 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an agreement with Touchstone Medical Imaging, LLC (Touchstone)...more
We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more
On November 26, 2018, the U.S. Department of Health and Human Services (HHS) announced that it reached a settlement with a Connecticut physician group practice for compromising the privacy of a patient’s protected health...more
On October 15, 2018, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Anthem, Inc. will pay $16 million to settle OCR’s investigation of its potential violations of the Health...more
In an industry overrun with news of almost daily privacy breaches, what makes the Fresenius settlement especially newsworthy is the size of the fine compared to the size of the breach and the types of breaches involved....more
The recent $575,000 settlement with EmblemHealth signals a push from AG Schneiderman “for stronger security laws and hold[ing] businesses accountable for protecting their customers’ personal data.” Noting New York’s “weak and...more
In the first settlement for HIPAA violations in 2018, Fresenius Medical Care North America (Fresenius) has agreed to pay $3.5 million to the Office for Civil Rights (OCR) to settle allegations against it relating to five data...more
On January 4, 2018, the National Health Information Sharing and Analysis Center (NH-ISAC) posted an announcement regarding the cybersecurity threats Meltdown and Spectre that were recently identified....more
The Situation: Earlier this year, the People's Republic of China enacted its Cybersecurity Law, which granted authorities broad, explicit powers to monitor and investigate activities falling under its purview, along with the...more
On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more
The Office for Civil Rights (OCR) has announced that the University of Massachusetts Amherst (UMass) has agreed to settle an investigation against it as a result of a malware infection for $650,000, along with implementing a...more
The Office for Civil Rights (OCR) has announced that it has entered into a settlement with St. Joseph Health, which operates hospitals and nursing homes in California, Texas and New Mexico, for $2.14 million for alleged HIPAA...more
On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more
The government has entered into its first settlement with a HIPAA business associate, including a $650,000.00 monetary penalty, ushering in a new period of enforcement for third parties who use Protected Health Information...more
Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more
Patterson Dental Supply, Massachusetts General Hospital’s (MGH) vendor that provides software to the hospital to manage dental practice information, has reportedly admitted that approximately 4,300 of MGH’s patient records...more
On March 16, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that North Memorial Health Care of Minnesota (“Memorial”) agreed to pay $1.55 million to resolve allegations that...more
This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more