Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

To Encrypt or Not to Encrypt—A $2 Million Question with a Simple Answer, HHS Says

The Department of Health and Human Services (“HHS”) just announced a pair of settlements arising out of the theft of two laptops containing protected health information (“PHI”). Two entities, Concentra Health Services...more

Minimum Necessary and the Breach Standard

When the new HITECH rules came out OCR specifically said, “...uses or disclosures that impermissibly involve more than the minimum necessary information...may qualify as breaches.” But what exactly is the minimum necessary...more

Treating Mental Illness? Special Privacy Considerations Apply to Healthcare Providers

Decisions and unresolved questions about when and how to share information about mental illness treatment continue to make headlines. A variety of groups, including health care providers, law enforcement and mental health...more

The Affordable Care Act—Countdown to Compliance for Employers, Week 36: Hacking the Affordable Care Act’s $100/Day Penalties for...

Particularly with the issuance of final regulations under the Affordable Care Act’s employer shared responsibility rules, employers have been concerned—justifiably—with the pay-or-play penalties. ...more

OCR Announces the Results from it's Pilot Audit and it's Plans For Next Year

The Office of Civil Rights Audit Pilot Program has come to an end with 115 audits, primarily in person, having been completed. The Pilot Program had multiple revelations in privacy, some of which were probably, not so...more

HIPAA Impaired Providers and the ER - What Happens When Your Employee Becomes Your Patient?

I was speaking this week at IAHIMA’s Annual Conference on the issues relating to HIPAA audits and recent updates from OCR and ONC. As part of my program we typically solicit questions prior to the presentation, most of which...more

HHS releases new software for updating (but not replacing) HIPAA security risk assessment toolkits

Last week, the Department of Health and Human Services (HHS) released a new, free, downloadable tool to assist small and medium-size health care provider offices to conduct security risk assessments (SRA)....more

Free HIPAA Help

Health care providers, health plans, business associates, and other entities affected by the federal HIPAA privacy and security regulations are quickly running out of excuses for not having a robust HIPAA compliance program...more

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

New HIPAA Tool Released by the Federal Government – Makes Assessing Risks Easier and It Won’t Cost You a Dime

Do you lie awake at night wondering if you or the health care entity for which you work is complying with the Health Insurance Portability and Accountability Act (“HIPAA”)? If so, you will be happy to hear that a good night’s...more

Government targets ‘risky business’ with free HIPAA assessment tool

Last week, the Office for Civil Rights of the U.S. Department of Health and Human Services released a toolkit for covered entities and business associates to use to perform a security risk assessment. The HIPAA Security Rule...more

No More Excuses: HHS Issues New HIPAA Tool for Small Businesses

Three U.S. Department of Health and Human Services (“HHS”) agencies, the Office for the National Coordinator for Health IT (“ONC”), in conjunction with the Office for Civil Rights (“OCR”) and the Office of the General Counsel...more

ONC’s Security Risk Assessment Tool Is Useful but Could Be Improved

The Office of the National Coordinator for Health Information Technology (ONC) released a Security Risk Assessment Tool (SRA Tool) on March 28. According to the User Guide for the SRA Tool, the Tool is designed to help small...more

ACA, HIPAA, COBRA and HSA Penalties: What Do They Mean?

What do all of these acronyms stand for and why do employers and human resource professionals care? These acronyms stand for statutory requirements which apply to employer-provided health plans and stiff penalties can apply...more

First Glance: Legal Implications of the Heartbleed OpenSSL Bug?

The vulnerability caused by the Heartbleed bug circumvents the purpose of OpenSSL: encryption. Therefore, the conclusion would appear to be that any data breach during the time of OpenSSL vulnerability would be reportable...more

Is Your HIPAA Compliance Program Going Out the Window with XP?

April 8, 2014 marks the end of Microsoft’s support for the Windows XP operating system, which means the end of security updates from Microsoft and the beginning of new vulnerability to hackers and other intruders into systems...more

New Round of HIPAA Audits To Begin Later This Year

The Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced it will resume its HIPAA compliance audit program — launched as a pilot program in 2012 — on a permanent basis in 2014. In...more

Hot Off the Press: Tool to Help Providers Conduct Security Risk Assessments

What’s Happening? The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR), recently released a jointly developed tool designed to assist...more

Also in the News

MACs to Hold Claims for MPFS Services for Ten Business Days Beginning April 1, 2014 – According to Medicare Learning Network Connects eNews, pending the outcome of the SGR Doc Fix legislation (discussed in more detail in...more

HHS releases Security Risk Assessment Tool to Help Providers with HIPAA Compliance

In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more

HIPAA Security Risk Assessment Tool Released by HHS

HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more

New Resource Available to Providers for HIPAA Security Rule Compliance

On March 28, 2014, the U.S. Department of Health and Human Services (“HHS”) announced the release of a security risk assessment (“SRA”) tool to assist small- to mid-sized providers in conducting risk assessments of their...more

OCR Clarifies Permitted Disclosures, Including Mental Health Care

The disclosure of mental health records and other disclosure-related issues tends to be less than clear for providers in their efforts to comply with the federal privacy rules. Such issues relate to appropriate disclosures to...more

OCR to Resume HIPAA Audits. Get Ready Now!

In a Feb. 24 notice in the Federal Register, the HHS's Office for Civil Rights (OCR) announced its intention to resume its HIPAA Audit Program. By and large, the audit program has been inactive since December 2012, when OCR...more

HIPAA Security Risk Analyses

As noted in Paul Kim and Hannah Whitman Clark's article regarding HIPAA Security Risk Analyses, CEs and BAs are required to review and update their risk assessments only under certain conditions after completing their initial...more

541 Results
|
View per page
Page: of 22