News & Analysis as of

Data Protection Office of Civil Rights Electronic Medical Records

Dickinson Wright

How Did They Get My Protected Health Information?

Dickinson Wright on

It is no secret that protected health information (or “PHI”) is more and more at risk for cybersecurity attacks. In 2022 (the most recent year this statistic is available), the Department for Health and Human Services Office...more

Alston & Bird

HHS and FTC Fire a Warning Shot at Healthcare Companies Using Online Tracking Technologies

Alston & Bird on

On July 20, 2023, the Office for Civil Rights (“OCR”) of the U.S. Department of Health and Human Services (“HHS”), and the Federal Trade Commission (“FTC”) published a joint letter sent to approximately 130 hospital systems...more

Robinson+Cole Data Privacy + Security Insider

OCR Cybersecurity Newsletter Focuses on Controlling Access to ePHI

The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services recently issued its Summer 2021 Cybersecurity Newsletter, which focuses on controlling access to electronic PHI (ePHI) and the HIPAA Security...more

Bricker Graydon LLP

HHS OCR announces results of most recent round of HIPAA audits

Bricker Graydon LLP on

On December 17, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its Industry Report on the HIPAA audits it conducted in 2016 and 2017. OCR found widespread noncompliance with...more

McGuireWoods LLP

OCR Enforcement of HIPAA Security Requirements Continues Despite Pandemic

McGuireWoods LLP on

Two recent settlements of HIPAA violations related to security breaches at a small healthcare provider and a health system highlight the continued HIPAA enforcement priorities of the Department of Health and Human Services’...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Foley & Lardner LLP

COVID-19: HHS Permits Business Associates to Use and Disclose PHI for Public Health and Health Oversight Purposes Without Amending...

Foley & Lardner LLP on

The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more

Saul Ewing LLP

Solo Practitioner Agrees to $100,000 Settlement for HIPAA Security Rule Violations

Saul Ewing LLP on

On March 3, 2020, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announced a $100,000 settlement and corrective action plan with Steven A. Porter, M.D. to resolve potential...more

Epstein Becker & Green

HHS Addresses Federal Court Invalidation of Certain Provisions of the HIPAA rule Relating to the Third-Party Requests for Patient...

Epstein Becker & Green on

On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more

Robinson+Cole Health Law Diagnosis

Texas Health and Human Services Fined $1.6 Million for HIPAA Violations

The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more

Polsinelli

Important Highlights from the NIST/OCR HIPAA Security Conference Last Week

Polsinelli on

Every year, the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services, Office for Civil Rights (OCR) jointly sponsor a conference to “address the dynamic and challenging...more

Burr & Forman

What Have You Done For Me Lately?

Burr & Forman on

What have you done for me lately? Now that the tune is stuck in your head, specifically, have you recently conducted a thorough and up to date risk assessment in accordance with the requirements of the Health Insurance...more

Foley & Lardner LLP

OCR Clarifies Direct Liability for Business Associates under HIPAA

Foley & Lardner LLP on

On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more

Robinson+Cole Data Privacy + Security Insider

OCR Issues Fact Sheet Listing Circumstances in which Business Associates May Face Direct Liability for HIPAA Violations

In a development that may – understandably – have been overlooked by many heading into Memorial Day weekend, on May 24, 2019, the Health and Human Service’s (HHS) Office for Civil Rights (OCR) issued a Fact Sheet on Direct...more

Faegre Drinker Biddle & Reath LLP

Business Associate Failed to Safeguard 3.5 Million Patients’ Medical Records

Medical Informatics Engineering, Inc. and its wholly-owned subsidiaries (MIE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS-OCR) entered into a $100,000 settlement and two-year...more

Jackson Lewis P.C.

EMR Provider Settles OCR Allegations For $100,000; Is Your EMR Provider HIPAA compliant?

Jackson Lewis P.C. on

Many health care providers, including small and medium-sized physician practices, rely on a number of third party service providers to serve their patients and run their businesses. Perhaps the most important of these is a...more

Hogan Lovells

Recap of the OCR/NIST Conference on Safeguarding Health Information

Hogan Lovells on

Regulators provided key insights into enforcement trends and potential changes to HIPAA regulations at the 11th Annual “Safeguarding Health Information: Building Assurance Through HIPAA Security” conference in October...more

Holland & Hart - Health Law Blog

Producing Records of Other Providers

There is a common misunderstanding that healthcare providers may not or should not produce medical records that were created by another healthcare provider. Under HIPAA, patients have a right to access all records that a...more

Mintz - Health Care Viewpoints

OCR Warns Providers About Securely Disposing Electronic Devices

The July 2018 cyber security newsletter issued by the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) reminds health care providers and their business associates of the importance of properly...more

McGuireWoods LLP

Don’t Neglect Physical Safeguards as Part of HIPAA Security Compliance

McGuireWoods LLP on

The HIPAA Security Rule requires covered entities and business associates to implement physical, administrative, and technical safeguards to protect protected health information (PHI). The U.S. Department of Health and Human...more

McGuireWoods LLP

Balancing Convenience and Risk: OCR Issues Statement on Use of Mobile Devices

McGuireWoods LLP on

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) recently issued guidance emphasizing the increased risks of using mobile devices in the workplace when the mobile devices contain or have...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - October 2017 #4

Robinson & Cole LLP on

Energy and Critical Infrastructure Industries Warned of Increased Attacks by FBI and DHS - The FBI and Department of Homeland Security issued a joint statement on October 20, 2017 warning of an increased danger of a...more

McGuireWoods LLP

Lessons Gleaned From Recent HIPAA Settlements: An Ounce of Prevention is Worth a Pound of Cure: How Recent OCR Enforcement...

McGuireWoods LLP on

HIPAA enforcement has been on the rise during the last several years, and the dollar impact of those settlements has continued to grow significantly. The Department of Health and Human Services, Office of Civil Rights (OCR)...more

BakerHostetler

Cloud Service Providers Beware, You May Be Subject to HIPAA Without Knowing It

BakerHostetler on

The use of cloud service providers has exploded in the past several years. According to estimates from Gartner, the market for cloud services is expected to reach $204 billion in 2016. But the use of cloud service providers...more

Ballard Spahr LLP

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

Ballard Spahr LLP on

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

48 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide