Data Breach Protected Health Information

News & Analysis as of

Policyholder Takeaways From Portal

In a solid victory for policyholders, the Fourth Circuit upheld coverage last week for a potential data breach incident involving confidential medical records. The case is The Travelers Indemnity Co. of America v. Portal...more

Fourth Circuit Finds CGL Insurer Has Duty to Defend Cyber Claim

In Travelers Indem. Co. of Am. v. Portal Healthcare Solutions, L.L.C., 2016 U.S. App. Lexis 6554, decided on April 11, 2016, the United States Court of Appeals for the Fourth Circuit found that a commercial general liability...more

Raleigh Orthopedic Clinic settles with OCR for $750,000 for lack of business associate agreement

Consistent with the settlement the OCR agreed to with North Memorial Health Care of Minnesota, the Office for Civil Rights has settled its investigation of Raleigh Orthopaedic Clinic, P.A. (Raleigh Orthopaedic) for $750,000....more

New HIPAA Phase 2 Audits: Targets Notified by Email Only

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more

Wyoming Medical Center victim of phishing scheme affecting 3,184 patients

Phishing incidents in February that may have compromised the data of 3,184 patients, including their names, dates of birth, medical record and account numbers, dates of service and medical information is causing Wyoming...more

Fourth Circuit Upholds Coverage Under CGL Policy for Data Breach Claims

The United States Court of Appeals for the Fourth Circuit (“Fourth Circuit”) recently concluded that an insurer had a duty to defend a health care company that was sued by individuals whose personal health information was...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Keeping Coverage Online: Fourth Circuit Confirms Internet Data Breach Claim Triggers Commercial General Liability Policies

In a clear rejection of insurers’ attempts to artificially narrow the broad coverage provided by commercial general liability (“CGL”) policies, the United States Court of Appeals for the Fourth Circuit recently held that an...more

Ex-Husband's Revenge Leads to HHS Trophy

Patient care is not confined to a single office or exam room, or a single physician or other provider. Caring for patients these days now includes complex coordination among physicians, nurse, technicians, staff, management,...more

When a Published Data Breach is a Covered Data Breach

Can an inadvertent Internet posting of a patient’s medical information trigger insurance coverage for liability stemming from a data-breach class action? The Fourth Circuit held last week that it can, and it added to the...more

Appeals Court Confirms that HITECH Violations Do Not Violate FCA

In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator's claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives...more

U.S. Market Entry for the German Healthcare IT Company

The healthcare market in the United States is massive, with total spending in excess of $3 trillion. Federal government incentives for the adoption of electronic health records has resulted in an increasingly interoperable...more

21st Century Oncology data breach litigation update

We previously reported that 21st Century Oncology suffered a data breach affecting 2.2 million patients and has been sued in at least two class action lawsuits following notification to the patient....more

Sixth Circuit Affirms Dismissal of FCA Claim Based on Health Data Breaches

The U.S. Court of Appeals for the Sixth Circuit recently affirmed the dismissal of a False Claims Act (FCA) case premised on protected health data breaches. In United States ex rel. Sheldon v. Kettering Health Network, the...more

Fourth Circuit Finds Potential Coverage For Data Leak As Publication Under CGL Policy

This week, a Fourth Circuit panel in an unpublished decision validated arguments long made by policyholders: that commercial general liability policies may provide coverage for certain data breach liabilities. In this case,...more

Big Win For Policyholders in Fourth Circuit Finding Duty to Defend Under General Liability Policy for Data Breach!

This week, the Fourth Circuit affirmed the lower court’s ruling of summary judgment in favor of the policyholder Portal Healthcare, finding that Travelers has a duty to defend it under a General Liability policy for a...more

State AGs Upping the Ante on Health (and Other) Information Data Incidents – Expect Increased Enforcement Actions

State attorneys general (AGs) continue to emerge as major regulators of privacy, and increasingly, with respect to compromises of health-related data. Businesses concerned with U.S. customer or employee data have long...more

One Week, $5.45 Million in Resolution Agreements for HIPAA Violations

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) continued its run of resolution agreements for HIPAA violations, pulling in $5.45 million from just two entities, North Memorial Health Care of...more

21st Century Oncology faces second class action suit for data breach of 2.2M records

We previously reported that 21st Century Oncology (21st Century) experienced a data breach of up to 2.2 million patient records that compromised the names, Social Security numbers and health and diagnostic information. It...more

HHS OCR Announces Launch Of Long-Awaited Phase 2 HIPAA Audit Program

On March 21, 2016, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced the launch of its Phase 2 HIPAA compliance audits pursuant to which it will audit covered entities and...more

Class action suit filed against 21st Century Oncology for data breach

We previously reported that 21st Century Oncology had suffered a data breach and notified 2.2 million patients that it had been the victim of a hacking that exposed the names, Social Security numbers, physicians’ names,...more

Feinstein Institute hit with $3.9M fine from OCR for HIPAA violations

Following the investigation of a self-reported data breach involving the loss of an unencrypted laptop containing the protected health information (PHI) of 13,000 individuals, the OCR slammed the New York based biomedical...more

OCR Launches Phase 2 of HIPAA Audits

Five suggested steps healthcare organizations and their contractors should take to prepare. On March 21, the Office of Civil Rights (OCR) of the Department of Health and Human Services launched Phase 2 of the HIPAA Audit...more

Third healthcare entity becomes the victim of ransomware

The list of healthcare entities that have become (and will become) victims of ransomware is rapidly growing. The predictions from experts are that the list will grow exponentially into the future. Last week, Methodist...more

Seven-Figure Settlement Reinforces Necessity of Business Associate Agreements

On March 16, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that North Memorial Health Care of Minnesota (“Memorial”) agreed to pay $1.55 million to resolve allegations that...more

247 Results
|
View per page
Page: of 10
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×