Covered Entities

News & Analysis as of

20 Days Left to File Your Annual HIPAA Breach Report

Did your organization experience a HIPAA breach involving fewer than 500 individuals in 2015? If so, remember to submit your mandatory report to the Secretary of HHS no later than February 29, 2016, through the online breach...more

OCC Releases Dodd-Frank Stress Test Scenarios for 2016

On January 28, the Office of the Comptroller of the Currency (OCC) released economic and financial market scenarios that will be used in the upcoming stress tests for covered institutions with more than $10 billion in assets....more

Second CMP Assessed for HIPAA Violations: Do You Know Where Your Data Is?

For only the second time in its history, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has imposed a civil money penalty (CMP) on a covered entity for allegedly violating the HIPAA...more

Historic Moment: Husband Reports Wife’s HIPAA Violation Triggering Six Figure Penalty Against Employer

For the second time in history, the Office for Civil Rights (“OCR”) has imposed a civil monetary penalty (“CMP”) against a covered entity for violations of the Health Insurance and Portability Act (“HIPAA”). Lincare, Inc., a...more

Is your institution of higher education covered by HIPAA?

It comes as no surprise that virtually every postsecondary administrator is familiar with the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99). After all, FERPA, the primary federal law...more

2016 HIPAA Audits to Begin: Are you Confident in Your HIPAA Compliance?

Although the Health Insurance Portability and Accountability Act, or “HIPAA,” has been around since 1996, with its implementing regulations first published in the early 2000s, it is definitely not “old news.” In light of...more

Four Questions to Ask before Disclosing (or Withholding) PHI in Transaction Due Diligence

HIPAA’s restrictions on the use or disclosure of protected health information (“PHI”) by a covered entity or business associate may be familiar to many in healthcare. Also familiar may be the exception that allows covered...more

OCR issues new guidance on individuals’ access to PHI: Is your access policy compliant?

On Jan. 7, 2016, the Office of Civil Rights (OCR) issued new guidance (Guidance) on the right of individuals under the HIPAA Privacy Rule to access their protected health information (PHI). In the Guidance, the OCR indicated...more

Making it easier to get your own medical records

Getting a copy of your own medical records is supposed to be easy and inexpensive. It also can be essential for ensuring the best medical care. But many hospitals and doctors have made it difficult and pricey, and the federal...more

HIPAA Privacy Rule Amendment will Permit Very Limited Reporting of Mental Health Information to the NICS

An amendment to HIPAA’s privacy rules will allow a limited subset of covered entities (such as, potentially, state agencies) to disclose information to the National Instant Criminal Background Check System (NICS)....more

HIPAA Privacy Regulations Amended to Allow Disclosures of Mental Health Information for Firearm Background Checks

On January 4, 2016, the Department of Health and Human Services (HHS) modified the HIPAA Privacy Rule to expressly permit certain covered entities to disclose to the National Instant Criminal Background Check System (NICS)...more

DBIS finalises PSC Regulations

DBIS has published the outcome of its consultation on introducing the people with significant control (PSC) register. Companies, limited liability partnerships and Societas Europaea will be required to hold a PSC register...more

WEBINAR: Creating Stable Security and Compliance Relationships Between Health Care Organizations and Vendors

The Omnibus Rule implementing the HITECH Act made several changes to the HIPAA Privacy and Security Rules that profoundly changed the dynamic between health care providers and vendors. In addition, the Breach Notification...more

Purchased Loans From Alternative Lenders Should Be Accorded the Same Risk Analysis as Originated Loans, FDIC Reminds Banks

Why it matters - In a new advisory, the Federal Deposit Insurance Corporation (FDIC) provided a reminder to all covered entities of the importance of underwriting and administering purchased loans and loan participations...more

Health Care: HIPAA Covered Entities - Your Organization’s Liability after a Cyber-Attack (12/15)

It is difficult for companies to manage the rapidly evolving legal landscape of cybersecurity. All companies, no matter the size, are potential targets for a cyber-attack. A common question posed by concerned In-House...more

PHI on the Cloud and White Label Covered Entities: HIPAA Challenges for Telemedicine Providers

Both telemedicine providers and technology companies that serve the telehealth industry face some unique and sometimes complicated challenges dealing with HIPAA, especially as it relates to the storage, transmission, and use...more

OIG Reports on, Proposes Alternatives to Medicare Part B Reimbursement for 340B Drugs

In November 2015, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) published a report (the Report) on the subject of Medicare Part B (Part B) payments made for covered outpatient drugs...more

Another Day, Another OCR Resolution Agreement – Numerous Repeated Breaches Lead to $3.5 Million Settlement

On the heels of the Lahey Hospital and Medical Center resolution agreement, OCR announced a resolution agreement with Triple-S Management Corporation and its subsidiaries, Triple-S Salud Inc. and Triple-C Inc. (collectively...more

High Cost of HIPAA Violations Demonstrated in $3.5 Million Settlement

Triple-S Management Corporation (“Triple-S”), on behalf of its wholly-owned subsidiaries, Triple-S Salud, Inc., Triple-C, Inc., and Triple-S Advantage, Inc., has agreed to pay $3.5 million as part of a Resolution Agreement...more

New York Department of Financial Services Sets Forth Extensive Cybersecurity Regulatory Framework Proposal

On November 9, 2015, the New York State Department of Financial Services (NYDFS) issued a letter to the members of the Financial and Banking Information Infrastructure Committee (FBIIC) detailing a new cybersecurity framework...more

OIG Report Examines Potential Scenarios for Restructuring 340B Program

Restructuring the 340B Drug Discount Program and Part B payment rules could reduce Medicare drug expenditures by up to $1.1 billion, the HHS Office of Inspector General (OIG) reported last week. The 340B Program requires...more

OCR HIPAA Phase 2 Audits Coming Soon. Be Prepared.

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that the agency expects to begin Phase 2 Audits in early 2016. OCR intends to conduct desk audits and on-site audits of covered...more

Blog: Hospital and Vendor Reach Agreement to Settle Alleged HIPAA Violations with Connecticut AG

Last week, the Connecticut Attorney General (the “Connecticut AG”) announced that Hartford Hospital and its subcontractor, EMC Corporation (“EMC”), agreed to settle potential violations of the Health Insurance Portability and...more

The New York Department of Financial Services Releases Potential New Cybersecurity Rules

On November 9, Anthony Albanese, Acting Superintendent of the New York Department of Financial Services (the NYDFS), sent a letter to the 18 members of the Financial and Banking Information Infrastructure Committee (the...more

OIG Emphasizes Proactive Enforcement of Privacy Rule and Monitoring of Repeat Offenders

The Office of Inspector General’s (OIG) recently released Privacy Standards report assessed the Office for Civil Rights’ (OCR) oversight of covered entities’ compliance with the Privacy Rule as well as the extent to which...more

311 Results
|
View per page
Page: of 13

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×