Covered Entities

News & Analysis as of

HHS Releases Guidance On Ransomware And HIPAA

On July 11, 2016, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) published new guidance on the how HIPAA applies to ransomware prevention and attacks. Specifically, the guidance lays out...more

Final ACA Nondiscrimination Rules Under Section 1557 Now Effective

This is the one hundred and first issue in our series of alerts for employers on selected topics on health care reform. (Click here to access our general Summary of Health Care Reform and other issues in this series.) This...more

HHS OCR Guidance on Ransomware Attacks: They Constitute a “Security Incident” and Are Likely a Data Breach

On July 11, 2016, the HHS Office of Civil Rights (OCR) released guidance on HIPAA covered entities’ responsibilities in a ransomware attack, a type of cyber-attack that has targeted the health care sector extensively in...more

Report Warns Providers of HIPAA Violations When Responding to Negative Online Reviews

ProPublica, a public interest investigative newsroom, recently identified more than 3,500 one-star medical reviews on Yelp in which patients complained about privacy issues. ProPublica determined that “in dozens of instances,...more

New Materials Help Covered Entities Comply with Nondiscrimination Rules

Last week, the Department of Health and Human Services (“HHS”) released new materials for covered entities to use to comply with Section 1557, the nondiscrimination provision of the Affordable Care Act. Section 1557...more

Ransomware Attack is a Breach – Unless You Can Prove Otherwise

Ransomware is the fastest growing malware threat in the United States, targeting simple home computers to elaborate corporate IT networks. The Federal Bureau of Investigation recently reported an increase in ransomware...more

Client Alert - The Government Makes a Business Associate Pay: What HIPAA Covered Entities and Business Associates Can Learn from...

The government has entered into its first settlement with a HIPAA business associate, including a $650,000.00 monetary penalty, ushering in a new period of enforcement for third parties who use Protected Health Information...more

New York Department of Financial Services Issues New AML and Sanctions Regulations

The New York DFS finalized its new AML and Sanctions screening regulations. Interestingly, the NYDFS backed off its original proposal to require a Chief Compliance Officer to certify to a compliance “finding” that the...more

Regulatory Authorities Launch The Second Phase Of The HIPAA Compliance Audit Program

As a part of its continued efforts to assess compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules, the Health and Human Services (HHS) Office for...more

The Long Anticipated HIPAA Audits Are Here!

Phase 2 HIPAA Audits, which the Department of Health and Human Services' Office of Civil Rights ("OCR") announced had "launched" back in March of this year, have now officially begun. On Monday, July 11, 2016, the first round...more

OCR Issues New Guidance on Ransomware and HIPAA

In response to a rising number of ransomware attacks on healthcare systems, the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) has issued new ransomware guidance on the HIPAA obligations of...more

OCR Launches Phase 2 HIPAA Audits

On July 11, 2016, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) notified 167 covered entities of their selection for Phase 2 desk audits. The audits will examine compliance with the...more

OCR Begins HIPAA Phase 2 Audits

What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more

New HIPAA Guidance on Ransomware Prevention and Recovery

A U.S. government interagency report indicates that there has been a 300 percent increase in the daily ransomware attacks in 2016 as compared to 2015. Ransomware is malicious software that, when introduced into a system,...more

New Affordable Care Act and Medicaid Regulations Will Require Covered Entities Providing Healthcare Programs and Services to Have...

There has been a proliferation of ADA lawsuits alleging that websites are not accessible to the blind or deaf. Individuals who are blind or have low vision may require assistive devices and specialized software to access the...more

HIPAA Audit Program Update—HHS OCR Moves Forward with Desk Audits

As we previously reported, on March 21, 2016, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) launched the long-awaited Phase 2 of the audit program that is intended to assess compliance with...more

OCR Sends Notification Letters to Phase 2 HIPAA Auditees

On July 12, 2016, HHS’s Office for Civil Rights (OCR) distributed an e-mail discussing recent developments in Phase II of its HIPAA audit program....more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Check Your Desk: HIPAA Audits for Covered Entities Have Arrived

The Office of Civil Rights (OCR) of the Department of Health and Human Services has moved forward with Phase 2 of its Health Insurance Portability and Accountability Act of 1996 (HIPAA) audit program. On Monday, July 11,...more

First Ever OCR Settlement of Enforcement Action against HIPAA Business Associate Due to PHI Breach

On June 30, the Office of Civil Rights (OCR) announced the first HIPAA settlement agreement with a business associate. This follows recent settlements with two HIPAA covered entities under HIPAA due, in large part, to the...more

OCR Announces New HIPAA Guidance on Ransomware

In response to the increasing prevalence of ransomware cyber-attacks by hackers on electronic health information systems in hospitals and medical practices, the Department of Health and Human Services (HHS) Office for Civil...more

OCR Update: HIPAA Phase 2 Audit Notices—Responses Due July 22, 2016

On July 11, 2016, e-mail notification was sent to 167 covered entities alerting them of their inclusion in the desk audit portion of OCR’s 2016 HIPAA audit program. Selected covered entities must respond no later than July...more

Just a Matter of Time: First-Ever Settlement of HIPAA Claims Against a Business Associate

On June 30, 2016, the Health and Human Services Office for Civil Rights (OCR) announced the first-ever settlement of Health Insurance Portability and Accountability Act (HIPAA) claims against a business associate. According...more

“Your Money or Your PHI”: OCR Releases Guidance on Ransomware

On July 11, 2016, the Office for Civil Rights (OCR) released important new guidance on ransomware for hospitals and other healthcare providers and finally addressed the question of whether electronic protected health...more

Business Associates of HIPAA Covered Entities Beware!

If your organization is a business associate of a HIPAA covered entity (such as a health care provider or employee health benefit plan), you should know that the Department of Health and Human Services' Office of Civil Rights...more

444 Results
|
View per page
Page: of 18
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×