News & Analysis as of

Failure to take basic security measures may result in HIPAA penalties – 6 tips to keep up with updates and patches

Covered Entities and their Business Associates must comply with HIPAA’s Security Rule, or they may face substantial penalties. The Office of Civil Rights (OCR) recently shared a resolution agreement that emphasizes the...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Recent HHS Settlement Highlights Importance of Updating HIPAA Compliance Programs

On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates...

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance...more

Refill Reminders and the TCPA

The Telephone Consumer Protection Act (“TCPA”) presents another challenge as health care providers continue to engage patients and seek to meet Meaningful Use reminder objectives. Over the past year, there have been several...more

Ebola Outbreak Prompts HHS Bulletin on Application of HIPAA During Emergencies

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by Congress and signed by President Bill Clinton in 1996. According to the U.S. Department of Health and Human Services (HHS), the HIPAA Privacy Rule...more

Preparing for HIPAA Compliance Audits

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), the office responsible for administering and enforcing the Health Insurance Portability and Accountability Act of 1996 (HIPAA), will...more

HIPAA Privacy in Emergency Situations

In light of the Ebola outbreak and other events, the U.S. Department of Health and Human Services, Office for Civil Rights, released a bulletin to ensure HIPAA covered entities are aware of the ways in which patient...more

Health Update - November 2014

“Healthcare-Related” Calls: Ambiguity at the Intersection of HIPAA and TCPA - Editor’s Note: The Federal Communications Commission (FCC) has established exemptions from certain requirements of the Telephone Consumer...more

HHS Issues Special HIPAA Guidance for Ebola Outbreak

The U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"), released a bulletin last week addressing how covered entities (including certain health care providers and employer group health...more

Data, Privacy & Security Practice Report – Also in the News: November 2014

Office for Civil Rights Releases HIPAA Bulletin in Light of Ebola Outbreak – The U.S. Department of Health and Human Services Office for Civil Rights released a bulletin today reminding HIPAA covered entities and...more

OCR Publishes Bulletin Regarding Privacy in Light of Ebola Outbreak

In response to the recent Ebola outbreak in West Africa and in light of patients being treated in several hospitals in the U.S., the HHS, OCR (OCR) recently issued a HIPAA Bulletin to remind us that HIPAA covered entities and...more

Health Care Providers Responding to Ebola: HHS Issues Guidance Reminding Covered Entities that HIPAA Allows the Sharing of PHI in...

The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) has issued guidance to remind HIPAA-covered entities of the ways in which they are permitted under HIPAA to share protected health information...more

HHS Explains Privacy Rule in Emergency Situations

On November 10, 2014, the U.S. Department of Health and Human Services (HHS) issued a bulletin reminding covered entities and business associates of how they may disclose patient information for public health activities or in...more

OCR’s New Bulletin on Ensuring Privacy in Public Health Emergencies

This week, the HHS Office of Civil Rights (OCR) issued a bulletin (Bulletin) to remind covered entities and business associates that “the protections of the Privacy Rule are not set aside during an emergency.” The...more

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

Privacy Tuesday – September 2014

Happy autumnal equinox Home Depot Breach – By the Numbers: - 56 million cards at risk (compare to Target = 40 million) - $62 million in estimated costs (compare to Target =$146 million and...more

HIPAA Business Associate Agreements - 7 Things to Know Before the HITECH Deadline

Covered entities and business associates have only until September 22, 2014 to update business associate agreements that were in place as of January 25, 2013. For those members of the health industry and their vendors that...more

Business Associate Agreements May Require Amendment

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

Don’t forget the September 23, 2014 deadline to ensure your Business Associate Agreements comply with the Omnibus Final Rule

Under the Health Insurance Portability and Accountability Act (HIPAA) Omnibus Final Rule published January 25, 2013, 78 Fed.Reg. 5566, Covered Entities (CEs) with Business Associate Agreements (BAAs) that were entered on or...more

Action Required for Covered Entities, Business Associates and Their Subcontractors

Early last year, the Department of Health and Human Services issued final privacy and security regulations (Final Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Final Rule, effective...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

It’s No Surprise: Health Care Data Breaches Are on the Rise and So Is Government Enforcement

In This Issue: - The Take-Aways for Covered Entities and Business Associates - For More Information - Excerpt from The Take-Aways for Covered Entities and Business Associates: As a majority of the...more

HIPAA/HITECH Business Associate Agreements: The Home Stretch

The one-year transition rule expires on September 22, 2014. The final regulations under the HIPAA Privacy, Security, and Enforcement Rules as amended by HITECH, make several changes, including modifying the...more

105 Results
|
View per page
Page: of 5