News & Analysis as of

Data Protection HITECH Act Electronic Medical Records

Troutman Pepper

Final Rule Aligns 42 CFR Part 2 with HIPAA and HITECH

Troutman Pepper on

On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more

Polsinelli

Cybersecurity and “Recognized Security Practices”: New Statute modifies HIPAA

Polsinelli on

On January 5, 2020, President Trump signed into law H.R. 7898. This new statute amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Department of Health and Human Services...more

Epstein Becker & Green

HHS Addresses Federal Court Invalidation of Certain Provisions of the HIPAA rule Relating to the Third-Party Requests for Patient...

Epstein Becker & Green on

On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more

Ballard Spahr LLP

HIPAA Enforcement: Where’s the Action?

Ballard Spahr LLP on

Imagine a breach in the privacy of protected health information.  The violation of an individual’s HIPAA rights may be clear, but the individual cannot sue under HIPAA.  Courts have consistently held that HIPAA provides no...more

Jackson Lewis P.C.

“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 For Data Breach Caused By Vendor

Jackson Lewis P.C. on

Last week, New Jersey Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

King & Spalding

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Foley Hoag LLP - Security, Privacy and the...

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Mintz - Health Care Viewpoints

A New Year’s Resolution (And Corrective Action Plan) From OCR: Physician Practice Cited For HIPAA Violations

The Office for Civil Rights (OCR) is closing out 2013 with a reminder of the importance of an effective HIPAA compliance program. On December 26, 2013, OCR announced a resolution agreement with a Massachusetts physician...more

Saul Ewing LLP

Medical practice agrees to payment due to HIPAA data breach

Saul Ewing LLP on

One day after Christmas, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced that a Massachusetts-based dermatology practice (Practice) agreed to a $150,000 payment and entered into a...more

McDermott Will & Emery

New HIPAA Regulations Affect Business Associates and Subcontractors

McDermott Will & Emery on

The Health Insurance Portability and Accountability Act omnibus regulations recently released by the U.S. Department of Health and Human Services have significant ramifications for business associates and subcontractors of...more

Katten Muchin Rosenman LLP

Final HIPAA Rule Has Sweeping Impact on Covered Entities and Business Associates

On January 25, 2013, the Department of Health and Human Services (HHS) published the highly anticipated Health Insurance Portability and Accountability Act (HIPAA) Omnibus Final Rule (the “Final Rule”). The Final Rule...more

Troutman Pepper

The Omnibus Final HIPAA Rule Is Here

Troutman Pepper on

On January 17, 2013, the Office of Civil Rights of the U.S. Department of Health and Human Services (HHS) announced the omnibus final rulemaking (Omnibus Rule). According to HHS, this Omnibus Rule is needed to strengthen...more

Mintz - Health Care Viewpoints

OCR Releases Sample Business Associate Agreement Provisions

The Department of Health and Human Services, Office for Civil Rights (OCR) has posted on its website sample business associate agreement provisions to help covered entities and business associates comply with the new business...more

Morgan Lewis

Final Rules Under HIPAA/HITECH Impact Employer Plans

Morgan Lewis on

Modifications to the rules require action by group health plan sponsors and their vendors, including revisions to policies and procedures and new privacy notices. On January 17, the Office for Civil Rights of the U.S....more

Foley & Lardner LLP

Key Elements of the New “Omnibus” HIPAA Privacy and Security Regulations

Foley & Lardner LLP on

On January 18, 2013, nearly four years after the passage of the HITECH Act and its amendments to HIPAA, and nearly three years after it proposed regulatory amendments, the U.S. Department of Health and Human Services (“HHS”)...more

Manatt, Phelps & Phillips, LLP

HIPAA Omnibus Rule Reshapes Landscape for Health Care Privacy, Security Compliance

Originally published in Health IT Law & Industry Report, on January 23, 2013. On Jan. 17, 2013, the Office for Civil Rights of the U.S. Department of Health and Human Services (‘‘HHS’’) issued a long-awaited omnibus rule...more

BakerHostetler

Be Prepared: Redline Version of the HIPAA/HITECH Final Rule

BakerHostetler on

The final rule is significant for any organization that is considered to be a HIPAA covered entity (“CE”) (health systems, health care providers, health plans, etc.) or the more broadly defined business associate (“BA”)....more

BakerHostetler

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

BakerHostetler on

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

Morgan Lewis

OCR Reaches $50,000 Settlement with Hospice for Small Data Breach

Morgan Lewis on

Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more

BakerHostetler

OCR's Breach Settlement the First Ever Involving Less than 500 Patients

BakerHostetler on

OCR started 2013 with a bang by announcing that it had reached “the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500 individuals” with the Hospice of...more

21 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide