News & Analysis as of

Do Routine Calls by Health Plans to Patients and Health Plan Members Constitute “Telemarketing” Under the Telephone Consumer...

Covered entities have a long list of laws and regulations governing their conduct, including their communications with patients, customers, and members. Specifically, the Health Insurance Portability and Accountability Act...more

Health Care Group News: OCR Releases New Clarifying Guidance In Response To Orlando Pulse Nightclub Attack

In an emergency, when there is a flurry of activity in a hospital, covered entities often struggle with who they are permitted to release patient information to under HIPAA. On January 11, 2017, the Department of Health and...more

Enough is Enough: Court Dismisses TCPA Class Action Against A Health Plan That Placed Reminder Calls To Its Members That They...

Plaintiffs across the country have continued to file class actions against companies of all stripe for violation of the Telephone Consumer Protection Act (“TCPA”), often for communications far afield from the classic...more

Time Waits for No One: OCR Announces First HIPAA Settlement for Lack of Timely Breach Notification

On Jan. 9, 2017, the Department of Health and Human Services Office for Civil Rights (“OCR”) announced the first HIPAA enforcement action for failure to timely report a breach. Often investigating and making formal...more

Time is of the Essence When Reporting a Breach of PHI

The failure to timely report a breach of unsecured protected health information (PHI) has cost Presence Health (one of the largest health systems in Illinois) almost half of a million dollars. Earlier this month,...more

Looking Back at the HIPAA Resolution Agreements in 2016

In 2016, Health and Human Services’ (HHS) Office for Civil Rights (OCR), the enforcement arm for HIPAA, continued robust enforcement efforts. There were 12 reported resolution agreements (RA) in 2016. An RA is a settlement...more

21st Century Cures Act - HIPAA & Other Privacy Considerations

On December 13, 2016, President Obama signed the 21st Century Cures Act (the Cures Act) into law. The Cures Act addresses a wide range of healthcare topics including clinical research, treatment of mental health and substance...more

AGG Food and Drug Newsletter - December 2016

Arnall Golden Gregory LLP's Food and Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community, including regular updates on legislative initiatives from AGG’s Washington, DC...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

No Phishing: OCR Warns of Phishing Attempts Disguised as Official HIPAA Audit Program Emails

What’s worse than receiving an email indicating that you have been selected for an audit by your favorite government regulator? Clicking on a link in the email and discovering that it is a phishing attack that has just...more

OCR Issues Alerts Regarding Phishing Email Disguised as Official OCR Audit Communication

The HHS Office for Civil Rights (OCR) published an alert on November 28 describing a phishing email being circulated on mock HHS departmental letterhead under the signature of OCR Director Jocelyn Samuels. The email prompts...more

UMass Amherst Settles HIPAA Violations with OCR for $650,000

The Office for Civil Rights (OCR) has announced that the University of Massachusetts Amherst (UMass) has agreed to settle an investigation against it as a result of a malware infection for $650,000, along with implementing a...more

HHS Issues Warning About Phishing Campaign Disguised As Official Communication

As part of its efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) engages in audits of covered...more

Additional Clarification regarding HHS OCR Phishing Email Alert

More information from HHS OCR about the phishing threat... ..On November 28, 2016, the HHS Office for Civil Rights issued a listserv announcement warning covered entities and their business associates about a phishing...more

OCR Alerts Listservs About Fake Phishing Email to Covered Entities and Business Associates

On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels”...more

OCR Issues Alert Regarding Phishing Email Disguised as Official OCR Audit Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Nov. 28 describing a phishing email being circulated on mock HHS departmental letterhead under the signature of OCR...more

HHS OCR Alert: Phishing Email Disguised as Official OCR Audit Communication

This alert just in from HHS OCR: “It has come to our attention that a phishing email is being circulated on mock HHS Departmental letterhead under the signature of OCR’s Director, Jocelyn Samuels. This email appears to...more

OCR Warns of Phishing Campaign Disguised as Official OCR Communication

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published an alert on Monday describing a phishing campaign disguised as an email from OCR. The email is being circulated on mock HHS...more

More on HIPAA Audits for 2016 and 2017–Desk Audits and On-Site Audits

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more

Health Update - November 2016

Post-Election Analysis: Healthcare Antitrust in a Trump Administration - In a Republican sweep of all the elected branches of the federal government, Donald Trump won the presidential election and Republicans retained...more

OCR Stresses Importance of Authentication in Newsletter

In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more

OCR Guidance Underscores Importance of Authentication under HIPAA

In its tenth OCR Cyber Awareness Newsletter of the year (Newsletter), the Office for Civil Rights (OCR) reminded HIPAA-covered entities and business associates of the importance of selecting an appropriate authentication...more

OCR Reminds Companies that Authentication is Key

In non-election news, the Office for Civil Rights (OCR) at the Department of Health and Human Services recently released its November Cyber Awareness Newsletter. This month’s newsletter focuses on the topic of...more

HIPAA Audits – Phase 2: On-Site Audits Scheduled for First Quarter of 2017

Covered Entities and Business Associates may be ringing in the New Year with the prospect of responding to on-site HIPAA audits by federal regulators. The U.S. Department of Health and Human Services Office for Civil Rights...more

GAO Report Criticizes HHS’ HIPAA Cybersecurity Guidance and Program

Recently, the Government Accountability Office (GAO) reviewed the U.S. Department of Health and Human Services’ (HHS) security and privacy oversight and identified significant gaps in the cybersecurity guidance provided by...more

380 Results
|
View per page
Page: of 16
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×