News & Analysis as of

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

Health Care E-Note - September 2014

In This Issue: - Doctors, Insurers Critical of Medicare Physician Fee Schedule - Health Spending Expected to Increase Modestly Over Next Decade - U.S. Hospitals Have Highest Administrative Costs...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Health Care Update - September 2014

In This Issue: - HealthCare.gov Hacking Breach - Implementation of the Affordable Care Act - Other Federal Regulatory Initiatives - Other Congressional and State Initiatives - Other Health...more

Privacy Monday – September 2014

Back to school, back to traffic jams … back to Privacy Mondays! Our look at bits and bytes and goofs and gaffes in data privacy and security....more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Chinese Hackers Infiltrate Health System Network – Information of 4.5 Million Individuals Stolen

Community Health Systems, Inc. (“CHS”) reported yesterday that the information of approximately 4.5 million individuals has been affected by a Chinese cyber-attack. CHS and its affiliates own and operate 206 hospitals in 29...more

It’s No Surprise: Health Care Data Breaches Are on the Rise and So Is Government Enforcement

In This Issue: - The Take-Aways for Covered Entities and Business Associates - For More Information - Excerpt from The Take-Aways for Covered Entities and Business Associates: As a majority of the...more

Rhode Island Hospital Reaches Settlement with Massachusetts AG to Resolve Data Security Allegations

Last week, Women & Infants Hospital of Rhode Island (“W&I”) reached a settlement with the Massachusetts Attorney General to resolve allegations that W&I failed to adequately protect personal data stored on unencrypted backup...more

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

HIPAA Data Breaches

HIPAA has been on the books since 1996. With the advent of electronic health records, HHS adopted security regulations to require covered entities to protect the integrity, confidentiality, and availability of electronic...more

Five Lessons from OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

Last week, the HHS Office of Civil Rights (OCR) released two reports required by the Health Information Technology for Economic and Clinical Health (HITECH) Act: (i) the Annual Report to Congress on Breaches of Unsecured...more

Human Error Biggest Threat to Patient Data Security and Privacy

Human error remains the biggest threat to healthcare data privacy, according to the latest study on patient privacy and data security by the Ponemon Institute. Healthcare organizations also continue to struggle with...more

Stolen Patient Information on Hospital Computer Not Considered “Medical Information” by California Appellate Court

The California Court of Appeal recently held that the release of an index identifying hospital patients did not constitute the release of medical information under California’s Confidentiality of Medical Information Act...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

Health Update - May 2014

Litigation Arising from the Affordable Care Act: The Blessing and Curse of Interesting Times - The Affordable Care Act (ACA) has brought the most sweeping changes to the healthcare delivery and payment systems in the...more

New York Hospitals to Pay Record $4.8 Million for HIPAA Data Breach

In the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date, two New York hospitals have agreed to pay $4.8 million to settle allegations that they failed to secure thousands of patients’...more

The New Normal: Big Data Comes of Age

On May 1, 2014, the White House released two reports addressing the public policy implications of the proliferation of big data. The first report is by the Executive Office of the President, entitled “Big Data: Seizing...more

HHS OCR Settles Post-Data Breach Investigation for Record $4.8M

On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more

Health Law Insights Newsletter - April 2014

In This Issue: - Federal Updates - State Updates - HIPAA Updates - Excerpt from Centers for Medicare & Medicaid Services Issues Guidance for Meaningful Use Hardship Exception: The Centers...more

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action. Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon...more

Eye on Privacy Newsletter - March 2014

In this issue: - Kaiser Foundation Health Plan Settles California Attorney General Charges over Delayed Data Breach Notification - Status of the EU Regulation and the Safe Harbor Framework - FTC Steps...more

66 Results
|
View per page
Page: of 3