News & Analysis as of

OIG Report Takes Issue With Oversight of Security Controls for Electronic Health Records

HHS Office of Inspector General (OIG) recently released a report concluding that the entity responsible for overseeing the testing and certification process for electronic health records (EHRs) did not fully ensure that...more

News from the Health Law Gurus™

Former Walmart Exec to Help Manage HHS — Leslie Dach, former Executive Vice President of Corporate Affairs for Walmart, will assume the role of Senior Counsel of the HHS, according to a press release on Wednesday. ...more

New HIPAA Reports to Congress Shed Light on OCR Enforcement

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued two reports to Congress, as required by the HITECH Act. The compliance report details OCR’s enforcement activities for 2011 and 2012 and...more

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

Enforcement Action – FTC Is Not Backing Down and Laboratory Company Goes After a Cyber-Intelligence Company

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is not the only government arm that enforces data breaches. The Federal Trade Commission (FTC) has broad authority to regulate the security of...more

Proposed modifications to EHR Incentive Programs

Last year, HHS revised policies and definitions surrounding what constitutes certified EHR technology—required for meaningful use incentive program payment eligibility—from the 2011 Edition criteria to the 2014 Edition...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

Advertising Law - May 2014

Here Today, Still Here Tomorrow: FTC Settles With Snapchat - Now you see it … and now it’s still there. Mobile messaging app Snapchat went with a catchier slogan, promising consumers that pictures and videos...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Regulatory double jeopardy? FTC enforcement of privacy and security in healthcare

How should health care companies strengthen their HIPAA compliance programs to manage the risk of a potential FTC investigation? While the U.S. Department of Health and Human Services (HHS) Office for Civil Rights...more

HHS OCR Settles Post-Data Breach Investigation for Record $4.8M

On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more

We have seen this movie before ….. and we all should know that it does not end well.

How much is the cost of doing nothing when it comes to encryption of sensitive data? In the case of electronic protected health information, about $2 million. Two companies have been hit with fines equaling a total...more

HHS announces new risk assessment tool for HIPAA security compliance

Recently, the Department of Health and Human Services released an interactive security risk assessment tool intended to assist employers who sponsor self-insured group health plans in complying with their HIPAA security rule...more

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action. Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon...more

No More Excuses: Encrypt Your Laptops or Pay Big $

Two companies were hit with fines equaling a total of almost $2 million to settle alleged Health Insurance Portability and Accountability Act (HIPAA) violations involving stolen, unencrypted laptops, the U.S. Department of...more

Finally…FDASIA Health IT Regulation Report Released

The U.S. Food and Drug Administration (FDA), along with HHS’ Office of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC, together with FDA and ONC, the...more

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

New HIPAA Tool Released by the Federal Government – Makes Assessing Risks Easier and It Won’t Cost You a Dime

Do you lie awake at night wondering if you or the health care entity for which you work is complying with the Health Insurance Portability and Accountability Act (“HIPAA”)? If so, you will be happy to hear that a good night’s...more

HHS releases Security Risk Assessment Tool to Help Providers with HIPAA Compliance

In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more

HIPAA Security Risk Assessment Tool Released by HHS

HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more

New Resource Available to Providers for HIPAA Security Rule Compliance

On March 28, 2014, the U.S. Department of Health and Human Services (“HHS”) announced the release of a security risk assessment (“SRA”) tool to assist small- to mid-sized providers in conducting risk assessments of their...more

HHS's New Security Risk Tool for HIPAA Compliance

On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...more

Government Releases New Tool to Assist with HIPAA Security Rule Risk Assessments

The Office of Civil Rights (OCR), in collaboration with the HHS Office of the National Coordinator for Health Information Technology (ONC) and the Office of General Counsel (OGC), released a new security risk assessment (SRA)...more

Trustee Alert – HIPAA EDI Certification Proposed Rule

The Trust's business associates who perform electronic transactions on its behalf are required to follow certain HIPAA standards and operating rules. A recently published proposed rule introduces a new requirement to submit...more

Counties Beware – Your Governmental Status Does Not Protect You from Liability for a HIPAA Breach

As a county government, you may think that you have the protection of sovereign immunity and protection from other governments penalizing you. Your status does not protect you. The Department of Health and Human Services...more

131 Results
|
View per page
Page: of 6