News & Analysis as of

HIPAA in the Time of Ebola

Ebola has recently been the source of much concern, and health care providers and hospitals are taking steps to prepare themselves for the possibility of treating patients with Ebola. In addition to all of the medical...more

Ebola or Not, Patient Privacy Must Be Protected: Office for Civil Rights Issues Bulletin on HIPAA Requirements in Emergency...

In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued a new bulletin reminding HIPAA-covered entities and their business associates that the...more

Blog: Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach...more

Rules for CME, Revises List of Data Elements to be Reported

Last Friday, the Centers for Medicare & Medicaid Services (CMS) published a final rule with comment period addressing, among other issues, changes to the reporting and data collection requirements imposed upon “applicable...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Realizing the Potential of Telemedicine in China, Part 2: Data Privacy and Security

The Chinese market presents a tremendous opportunity for U.S. hospitals and providers, as long as the intricacies of data privacy and security issues are thoroughly understood. This includes Chinese regulations regarding...more

Blog: Federal Advisory Group Considers Patient Data Standards

This week, the Privacy and Security Workgroup within the Health IT Policy Committee was tasked by the U.S. Department of Health and Human Services (“HHS”) to discuss certain patient data protections. Specifically, they were...more

Government Conference Highlights Need for Protecting Health Information

The National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently highlighted the importance of protecting health information at the...more

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

Talk Amongst Yourselves: HIPAA Does Not Preempt Florida Med Mal Presuit Authorization Law

The United States Court of Appeals for the Eleventh Circuit recently concluded that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) does not prevent the application of a Florida law requiring...more

“LoProCo”, 12,915 Complaints, and Other Lessons from OCR/NIST

12,915 complaints were reported in 2013 to the Department of Health and Human Services Office of Civil Rights (“OCR”) according to Illiana L. Peters, Senior Adviser for HIPAA Compliance and Enforcement. Cozen O’Connor...more

Recent Trends in HIPAA Liability

Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including an increase in so-called “high-impact...more

Healthcare Legal News: Volume 4, Number 3 - Special Issue: HIPAA Update

Recent Trends in HIPAA Liability - Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including...more

A New Sheriff in Town: Federal Trade Commission Enforcement of Medical Information Security

A recent court decision found that the Federal Trade Commission (FTC) has authority to enforce the requirements for security of Protected Health Information, or PHI, as defined under the Health Information Portability and...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

Massachusetts Enforces Data Security Regulations Against Out-of-State Entity

On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with an out-of-state Rhode Island hospital, Women & Infants Hospital of Rhode Island (“WIH” or the “Hospital”), resolving a lawsuit against WIH...more

Rhode Island Hospital’s Breach of Health Information Leads to Settlement with Massachusetts Attorney General

On July 23, 2014, the Massachusetts attorney general announced a settlement with Women & Infants Hospital of Rhode Island (WIH) over the loss of unencrypted backup tapes. WIH agreed to pay $150,000 and undertake numerous...more

Appellate Court Rules Medical Information Must Actually Have Been Viewed by an Unauthorized Person for a Plaintiff to Recover...

The California Court of Appeal recently held that in order to recover under California’s Confidentiality of Medical Information Act (CMIA), Civ. Code §§ 56 et seq., a plaintiff must plead and prove that the “stolen medical...more

10 Popular Reads Covering Latest European Union Developments

Recap of popular updates covering latest developments in the European Union....more

A Whistleblower Hotline can protect against medical identity theft

Last year, medical identity theft affected nearly two million Americans - 32% more than the year before. This is a staggering number! And considering that today, medical identity theft accounts for 43% of all identity theft...more

eHealth closer with electronic health privacy rules

eHealth is closer to become a reality in Italy with the approval by the Italian Data Protection of the decree providing the requirements for electronic health records systems. We had already discussed in this post...more

207 Results
|
View per page
Page: of 9