News & Analysis as of

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Looking At The Past To Predict The Future Of HIPAA/HITECH Enforcement

2013 was a busy year for the Department of Health and Human Services (“HHS”). On January 17, 2013, HHS issued its Final Omnibus Rule, substantially modifying the Privacy, Security and Enforcement Rules promulgated by the...more

How To Catch-Up in a Revised HIPAA World

The HIPAA final omnibus rule (Omnibus Rule) made sweeping changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules earlier this year. Although the compliance deadline of September 23, 2013 has come...more

Checklist for Covered Entities and Business Associates

As the countdown to the compliance deadline for the Health Information Technology for Economic and Clinical Health (HITECH) Act Omnibus Rule begins, we offer the following as a reminder of tasks that covered entities,...more

In $1.7M WellPoint Settlement, HHS Warns Covered Entities on Change Management

On July 8, 2013, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) entered into a $1.7 million resolution agreement with WellPoint over a 2009-2010 security breach....more

Federal Data Breach Legislation Introduced, But Will It Go Anywhere?

Last week Senator Pat Toomey (R-PA), along with one Independent and six other Republican Senators, introduced the “Data Security and Breach Notification Act of 2013.”...more

The HIPAA Omnibus Final Rule—Data Privacy and Security Implications for Business Associates and Covered Entities

On January 17, 2013, the Office for Civil Rights (‘‘OCR’’) of the U.S. Department of Health and Human Services (‘‘HHS’’) published the HIPAA Omnibus Final Rule (‘‘Final Rule’’) which OCR has trumpeted as carrying ‘‘the most...more

Special Edition: Health Law Update - February 28, 2013

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

PHI Breach Reporting Deadline is March 1, 2013

To comply with the HITECH breach notice requirements, HIPAA covered entities are required to report all small breaches of unsecured protected health information (“PHI”) that occurred in calendar year 2012 to the U.S....more

Significant Changes to HIPAA Effective March 26, 2013

The following is a summary of the major changes to HIPAA under the new Final Rule: 1. Breach Notification Standard Lowered — In perhaps the most significant change under the Final Rule, the new regulations considerably...more

New HIPAA Omnibus Regulations – What Employers Who Sponsor Group Health Plans Need to Know to Comply

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

Employers Take Note: Final HIPAA Rules Mandate New Obligations for Group Health Plans

Group Health Plans - Employers that sponsor group health plans for their employees should pay careful attention to the newly announced final omnibus rule amending the Health Insurance Portability and Accountability Act...more

OCR Issues Final Modifications to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules to Implement the HITECH...

On January 25, 2013, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published a final rule (Final Rule) containing modifications to the privacy standards (Privacy Rule), security...more

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

HIPAA Rules Overhaul Ups Compliance Ante

Originally posted in Hartford Business Journal on February 11th, 2013. Attention all medical providers, hospitals and any other covered entity or business associate under HIPAA. On Jan. 17, the U.S. Department of Health...more

HIPAA Final Omnibus Rule – published Jan. 25, 2013

Six Points Health Care Professionals and Organizations (and those who do business with them) Need To Know NOW: - Possible fines have increased dramatically. Under prior law, fines were capped at $100 per violation, with...more

Breaking Down The HIPAA Rule Changes: Part 3 Of 5 Modifications To The Breach Notification Rule

In This Issue: - Definition of “Unsecured Protected Health Information” - Notice Requirements - Action Items to Comply with the Breach Notification - Excerpt from Definition of “Unsecured Protected Health...more

HIPAA Minimum Necessary Standard Should Be Key Component of Policies and Procedures, Now More Than Ever

On January 17, 2013, the U.S. Department of Health and Human Services ("HHS") announced the final omnibus rule amending the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") in accordance with the HITECH...more

Final HIPAA Regulations: What's Changed (and What Hasn't) for Group Health Plans

The Office for Civil Rights of the Department of Health and Human Services (“OCR”) has issued final regulations modifying the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security, Breach...more

HIPAA Risk Analysis

HIPAA relies heavily on risk analysis in multiple contexts. For example, risk analysis has a major role in the Breach Notification Rule under the new regulations issued by the U.S. Department Health and Human Services on...more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Changes to the HIPAA Breach Notification Rule - Background: The HITECH Act required Covered Entities to notify individuals, HHS, and in some cases, the media, of a Breach of Unsecured PHI. A Business Associate is...more

HIPAA Alert: Breach & Notification Requirements

As discussed in the previous HIPAA alert, a final, 563-page Omnibus HIPAA Rule was released by the Department of Health and Human Services Office of Civil Rights to strengthen HIPAA’s security and privacy protections. The...more

New HIPAA Rules Expand Breach Notification Requirements

If your company is subject to HIPAA, new rules published by the Department of Health and Human Services (“HHS”) will require changes in your policies and practices regarding data breaches....more

McAfee & Taft Healthcare Industry Alert: New HIPAA regulations - Begin your compliance review now

On January 17, 2013, the Department of Health and Human Services issued a final rule amending the Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations and implementing the Health...more

Breaking Down The HIPAA Changes: Part 1 Of 5 What Covered Entities And Business Associates Need To Do To Comply With The Final...

In This Issue: - Brief Overview of Key Modifications in the Final Rule - Suggested Action Items for Compliance with the Final Rule ..Covered Entities ..Business Associates - Consequences of Noncompliance...more

48 Results
|
View per page
Page: of 2