News & Analysis as of

Polsinelli Podcasts - Confusion to Clarity on the Future of the 340B Program [Video]

Polsinelli Podcast Explores Upcoming Webinar Covered entities and drug manufacturers expected the Health Resources and Services Administration (HRSA) to issue its much anticipated mega-reg for the 340B Program in June....more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

New ICD-10 Compliance Date Set for October 1, 2015

On July 31, 2014, CMS issued a final rule moving the ICD-10 compliance date from October 1, 2014 to October 1, 2015, and requiring HIPAA covered entities to continue to use ICD-9 through September 30, 2015. The final rule...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Are your HIPAA ducks in a row? The next round of OCR HIPAA audits is approaching

In 2011 the Department of Health and Human Services’ Office for Civil Rights (OCR) established the HIPAA Pilot Audit Program to ensure compliance with HIPAA’s privacy, security and breach notification rules. The first...more

HRSA Issues Interpretive Rule on 340B Drug Pricing Program

On July 21, 2014, the Health Resource and Services Administration (HRSA) within the U.S. Department of Health and Human Services (HHS) issued a new interpretive rule addressing the treatment of orphan drugs by certain...more

HIPAA Data Breaches

HIPAA has been on the books since 1996. With the advent of electronic health records, HHS adopted security regulations to require covered entities to protect the integrity, confidentiality, and availability of electronic...more

Promises of Enhanced HIPAA Enforcement by HHS Illustrated by a Recent Record-Breaking Settlement Agreement and Increased Focus on...

An attorney from the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS) recently disclosed that covered entities could face increased scrutiny for HIPAA violations in 2014. Specifically, the...more

HHS to Continue Enforcing Orphan Drug Exclusion from 340B Program

The Department of Health and Human Services (HHS) through its Office of Health Resources and Services Administration (HRSA) announced last week that, although a court recently struck down its regulation addressing application...more

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

Federal Court Vacates 340B Rule Regarding Orphan Drugs

On May 23, 2014, the U.S. District Court for the District of Columbia issued a Memorandum Opinion in Pharmaceutical Research and Manufacturers of America v. United States Department of Health and Human Services, et al. At...more

340B Drug Discount Program Orphan Drug Rule Vacated: ACA “New” Covered Entity Types No Longer Authorized to Purchase Orphan Drugs...

The D.C. District Court permanently enjoined the U.S. Department of Health & Human Services (HHS) Health Resources and Services Administration (HRSA) from implementing its July 23, 2013 final rule on “exclusion of Orphan...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Two Health Care Organizations Pay Largest HIPAA Fine at $4.8 Million Resulting from Unsecured Shared Network

New York-Presbyterian Hospital and Columbia University entered into a settlement with the Department of Health and Human Services’ Office of Civil Rights (OCR) to resolve allegations that the organizations had violated the...more

Server Breach Makes ePHI Accessible on Google, Costs Covered Entities $4.8 Million

It would be pretty unsettling if your patient status, vital signs, medications, and laboratory results were available for the world to see on Google, wouldn’t it? According to recent settlement agreements announced by the...more

Coming Fall 2014: HHS Launches Permanent Audit Program

Beginning in the Fall of 2014, a substantial number of covered entities and business associates will receive a notification and data request from the Health and Human Services' (HHS) Office for Civil Rights (OCR). According...more

Theft Of Unencrypted Laptops Leads To Two HHS Settlements Totaling Nearly $2 Million

On April 22, the U.S. Department of Health and Human Services (HHS) announced settlements with both Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). Through these latest settlements, HHS is reiterating...more

Free HIPAA Help

Health care providers, health plans, business associates, and other entities affected by the federal HIPAA privacy and security regulations are quickly running out of excuses for not having a robust HIPAA compliance program...more

Future OCR Audits Have Little in Common With Previous Round—Here’s How to Prepare

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

HIPAA Housekeeping - Don't Forget Your Annual Report of Small Breaches

If you are a "covered entity" under the Health Insurance Portability and Accountability Act ("HIPAA") and suffer a breach of protected health information, one of your first reactions should be to count the number of affected...more

Recent HIPAA Settlement Highlights Danger of Failure to Perform Security Risk Assessments, Implement HIPAA Policies and Train...

A recent Health Insurance Portability and Accountability Act ("HIPAA") settlement, which is notable as the first HIPAA settlement with a covered entity for failure to have policies and procedures in place to comply with...more

Covered Entity Fined $150,000 For Stolen Unencrypted Thumb Drive

HHS recently announced that it fined a dermatology practice $150,000 for failing to reasonably safeguard an unencrypted thumb drive and failing to conduct an accurate and thorough risk analysis of electronic PHI....more

340B Drug Pricing Program Developments in the New Year

On January 9, 2014, the Health Resources and Services Administration (HRSA) posted an update on its current and anticipated 340B drug pricing program (340B) program integrity efforts.1 The update includes a discussion of...more

Looking At The Past To Predict The Future Of HIPAA/HITECH Enforcement

2013 was a busy year for the Department of Health and Human Services (“HHS”). On January 17, 2013, HHS issued its Final Omnibus Rule, substantially modifying the Privacy, Security and Enforcement Rules promulgated by the...more

HHS Closes Out 2013 with 6th Resolution Agreement

Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs....more

74 Results
|
View per page
Page: of 3