Covered Entities

News & Analysis as of

OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014

With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

Blog: HIPAA FAQ Series: Are Covered Entities Liable for Business Associates’ HIPAA Violations?

This post marks the beginning of a new series on this blog covering various frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). ...more

President Obama’s Proposed Privacy Bill of Rights - Part 5: Accountability

This week we have brought you a multi-part series analyzing the Obama administration’s proposed Consumer Privacy Bill of Rights (“CPBR” or “proposal”), which would require greater transparency by businesses in their privacy...more

White House Releases Draft Privacy Bill

The White House released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015. The Act is intended to establish baseline privacy protections for individuals in industries which are not currently regulated at...more

President Obama’s Proposed Privacy Bill of Rights - Part 4: Data Security

On Friday, Feb. 27, the Obama administration unveiled a proposed Consumer Privacy Bill of Rights that would require “covered entities” to be more transparent in privacy practices, and provide individuals certain rights aimed...more

President Obama’s Proposed Privacy Bill of Rights - Part 3: Who’s Covered

This week we have brought you a multi-part series analyzing the Obama administration’s proposed Consumer Privacy Bill of Rights, which would require greater transparency by businesses in their privacy practices, and grant...more

President Obama’s Proposed Privacy Bill of Rights - Part 2: Notice, Consumer Control, and Context

Part 2: Notice, Consumer Control, and Context - Yesterday we brought you the first part in DWT’s series analyzing the Obama Administration’s proposed Consumer Privacy Bill of Rights, which would require greater...more

Big Data Creates New Opportunities for Health Care Entities

Big Data — the ability to collect, process, and interpret massive amounts of information — has reached health care. Technology has created new business opportunities for health care entities — covered entities, business...more

White House Releases Revised Consumer Privacy Bill of Rights

On Friday, February 27, 2015, the White House released a revised version of its 2012 proposal for a consumer privacy bill of rights. The revised legislative proposal largely tracks with the 2012 proposal in that it focuses on...more

Office of Civil Rights Delays Phase 2 Audits

The Office of Civil RIghts (“OCR”) recently announced that Phase 2 of the HIPAA audits would be further delayed because the audit portals and project management tools that are needed to initiate the audit process are not...more

GAO Evaluates CMS Activities to Prepare Health Industry for ICD-10 Launch

According to a recent GAO report, CMS has taken numerous steps to prepare industry for the October 1, 2015 transition to ICD-10 codes, such as developing checklists, timelines, and other educational materials and hosting...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Blog: Deadline Approaching for Reporting 2014 HIPAA Breaches

All covered entities that discovered security breaches under the Health Insurance Portability and Accountability Act (“HIPAA”) in 2014 should be aware of an upcoming reporting deadline. ...more

Employers with Group Health Plans: Have You Notified State Regulators of the Breach?

Data security breaches affecting large segments of the U.S. population continue to dominate the news. Over the past few years, there has been considerable confusion among employers with group health plans regarding the...more

Preparing for a Data Breach – What to Know about Breach Notification

Data breaches are at the forefront of the news, and many companies, including those dominant in the health care industry, have found themselves front and center in the headlines. Although recent news stories have focused...more

Also In the News - Data, Privacy, & Security Practice Report - February 2015

OMB Receives Final Rule Permitting Disclosure To NICS --According to reginfo.gov, the White House Office of Management and Budget received a final rule from HHS that would modify the HIPAA Privacy Rule to expressly permit...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

A WARN Case Study: Are Workers on Layoff “Employees” and the Hidden Dangers of Exposing Controlled Groups to Liability

Last week the U.S. District Court in Cleveland issued a decision that, once again reminds us in two ways how devilishly tricky the Worker Adjustment and Retraining Notification (WARN) Act can be when determining what is a...more

OCR Updates Breach Report Web Portal — Changes Could Impact Annual Breach Reports

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently launched an updated version of the portal covered entities must use to notify OCR regarding a breach of unsecured protected health...more

Deadline Approaching to Report Certain HIPAA Breaches to Federal Officials

The HIPAA Breach Notification Rule requires covered entities to notify the Secretary of the Department of Health and Human Services (HHS) if a breach of unsecured protected health information (PHI) is discovered. As most...more

Alert: Five Ways to Reduce Your HIPAA Liability

As of early December 2014, 1,170 security breaches under the Health Insurance Portability and Accountability Act (HIPAA) involving 31 million records had been reported to the U.S. Department of Health and Human Services (HHS)...more

News from the Health Law Gurus™:

News from the Health Law Gurus™ is a weekly summary of notable health law news from around the country with helpful links to related content. Check back every week for the latest health law news stories....more

HIPAA: Deadlines Pass and Definitions Change

For all covered entities and business associates, September 22 was the last day for business associate agreements (BAAs) to comply with the Omnibus HIPAA Rule (the Rule) released in January 2013. Before the Rule’s release,...more

IT Maintenance Crucial for HIPAA Compliance

The Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) recently announced an agreement with a medical center to settle charges stemming from the center’s failure to prevent malware from infecting its...more

190 Results
|
View per page
Page: of 8