News & Analysis as of

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Florida Legislature Passes Stringent New Data Breach Law

On April 30, the Florida Legislature passed Senate Bill 1524, otherwise known as the Florida Information Protection Act of 2014. If signed by the governor, starting July 1, this bill will impose stringent new requirements on...more

Can covered entities run Windows XP and remain HIPAA compliant?

Microsoft recently announced that, after April 8, 2014, it will not longer provide security updates or technical support for Windows XP. Microsoft’s statement that “businesses that are governed by regulatory obligations such...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Looking At The Past To Predict The Future Of HIPAA/HITECH Enforcement

2013 was a busy year for the Department of Health and Human Services (“HHS”). On January 17, 2013, HHS issued its Final Omnibus Rule, substantially modifying the Privacy, Security and Enforcement Rules promulgated by the...more

How To Catch-Up in a Revised HIPAA World

The HIPAA final omnibus rule (Omnibus Rule) made sweeping changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules earlier this year. Although the compliance deadline of September 23, 2013 has come...more

OCR Releases Model Notices of Privacy Practices

Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more

Checklist for Covered Entities and Business Associates

As the countdown to the compliance deadline for the Health Information Technology for Economic and Clinical Health (HITECH) Act Omnibus Rule begins, we offer the following as a reminder of tasks that covered entities,...more

Federal Data Breach Legislation Introduced, But Will It Go Anywhere?

Last week Senator Pat Toomey (R-PA), along with one Independent and six other Republican Senators, introduced the “Data Security and Breach Notification Act of 2013.”...more

HIPAA, Business Associates, and the Cloud

Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule....more

Think You’re Not Covered by HIPAA? Think Again.

The Department of Health and Human Services recently amended the Health Insurance Portability and Accountability Act regulations (“HIPAA Rules”) in a way that may make many companies, particularly those in the technology...more

HIPAA/HITECH Final Rule - Assessing Your Organization's Compliance Readiness

The long awaited HIPAA/HITECH Final Rule became effective March 26, 2013, but covered entities, business associates and subcontractors will have until September 23, 2013, to fully comply. ...more

The HIPAA Omnibus Final Rule—Data Privacy and Security Implications for Business Associates and Covered Entities

On January 17, 2013, the Office for Civil Rights (‘‘OCR’’) of the U.S. Department of Health and Human Services (‘‘HHS’’) published the HIPAA Omnibus Final Rule (‘‘Final Rule’’) which OCR has trumpeted as carrying ‘‘the most...more

The HIPAA/HITECH Final Rule has arrived!

If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more

Birmingham Medical News: I-Phone Or HIPAA-Phone?

With the recent issuance of the long-awaited final rule by the Department of Health and Human Services ("HHS"), the protection of patient information has been a hot topic among the health care industry the past few months....more

Newly Effective HIPAA Omnibus Rule Makes Sweeping Changes to HIPAA

The long-awaited final omnibus rule (Omnibus Rule) that modifies the Health Insurance Portability and Accountability Act of 1996 (HIPAA) [1] took effect last week, on March 26, 2013. Leon Rodriguez, Director of the U.S....more

Time to Take Advantage of HIPAA Omnibus Rule's "Good News": Fundraising, Research, and Student Immunization Records

The Omnibus Rule went into effect on March 26, 2013. While covered entities and business associates have until Sept. 23, 2013, to comply with new restrictions and obligations, they can take advantage of the rule’s benefits...more

Special Edition: Health Law Update - February 28, 2013

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

PHI Breach Reporting Deadline is March 1, 2013

To comply with the HITECH breach notice requirements, HIPAA covered entities are required to report all small breaches of unsecured protected health information (“PHI”) that occurred in calendar year 2012 to the U.S....more

Significant Changes to HIPAA Effective March 26, 2013

The following is a summary of the major changes to HIPAA under the new Final Rule: 1. Breach Notification Standard Lowered — In perhaps the most significant change under the Final Rule, the new regulations considerably...more

New HIPAA Omnibus Regulations – What Employers Who Sponsor Group Health Plans Need to Know to Comply

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

Employers Take Note: Final HIPAA Rules Mandate New Obligations for Group Health Plans

Group Health Plans - Employers that sponsor group health plans for their employees should pay careful attention to the newly announced final omnibus rule amending the Health Insurance Portability and Accountability Act...more

OCR Issues Final Modifications to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules to Implement the HITECH...

On January 25, 2013, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published a final rule (Final Rule) containing modifications to the privacy standards (Privacy Rule), security...more

HIPAA Rules Overhaul Ups Compliance Ante

Originally posted in Hartford Business Journal on February 11th, 2013. Attention all medical providers, hospitals and any other covered entity or business associate under HIPAA. On Jan. 17, the U.S. Department of Health...more

65 Results
|
View per page
Page: of 3