Electronic Medical Records Dept. of Health and Human Services

News & Analysis as of

Beware of Phishing Email Disguised as Official OCR Audit Communication

The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has posted an alert (and a follow-up alert) warning health plans, health care providers, and their vendors of a mock communication...more

HIPAA Settlement Emphasizes Importance of Accurate Hybrid Entity Designations

On November 22, 2016, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that University of Massachusetts Amherst (UMA) agreed to settle allegations relating to the HIPAA Privacy...more

Cloud Service Providers Beware, You May Be Subject to HIPAA Without Knowing It

The use of cloud service providers has exploded in the past several years. According to estimates from Gartner, the market for cloud services is expected to reach $204 billion in 2016. But the use of cloud service providers...more

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

Confusing Joint Guidance published by OCR and FTC on HIPAA Authorization Forms

There are arguments that there is a dearth of guidance by both the Office for Civil Rights (OCR) and Federal Trade Commission (FTC), so when guidance comes out, we listen. But the most recent guidance jointly issued by the...more

HHS Publishes New Guidance on HIPAA and Cloud Computing

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Small-Breach Focus Shows Growing Scope Of HIPAA Probes

Flexing yet more enforcement muscle under the Health Insurance Portability and Accountability Act, on Aug. 18, 2016, the U.S. Department of Health and Human Services Office for Civil Rights announced that it will more widely...more

HSS Issues New Guidance on Ransomware Attacks Against HIPAA-Covered Entities

Ransomware attacks at hospitals and other healthcare facilities have dramatically increased over the last several years, putting healthcare providers in the uncomfortable position of having to consider paying thousands of...more

HIPAA Hat Trick: Security Violations Lead to Three Major Settlements

Look no further than the last three weeks for proof that HIPAA enforcement is on the rise. Failure to maintain the security of information systems containing patient information has cost healthcare providers over $10...more

Illinois Revises Data Privacy Statute

Earlier this year, Illinois enacted a number of changes to the Illinois Personal Information Protection Act (“PIPA”). The amendments to PIPA, among other things, expand the definition of personal information subject to...more

Health Update - July 2016

The Vulnerability of Healthcare Information - According to a report the Brookings Institute issued in May 2016, 23% of all data breaches occur in the healthcare industry. Nearly 90% of healthcare organizations had some...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Health Law Insights Newsletter - Issue 10 - June 2016

McCarter & English, LLP’s Health Care Group presents Issue 10 of the Health Law Insights, which discusses the latest legal issues in the health care industry. NATIONAL - Drug Diversion Case Raises Red Flags for...more

Ex-Husband's Revenge Leads to HHS Trophy

Patient care is not confined to a single office or exam room, or a single physician or other provider. Caring for patients these days now includes complex coordination among physicians, nurse, technicians, staff, management,...more

OIG Identifies Top 25 Unimplemented Recommendations for HHS Cost Savings/Quality Improvements

The OIG has released the 2016 edition of its “Compendium of Unimplemented Recommendations,” which identifies what the OIG considers to be its top 25 unimplemented recommendations in terms of HHS program savings and/or quality...more

HHS proposes updates to confidentiality of Part 2 substance abuse treatment records

On February 5, 2016, the Department of Health and Human Services (HHS) issued proposes changes to the Confidentiality of Alcohol and Drug Abuse Patient Records regulations, also known as “Part 2 records” which were published...more

ONC Corrects EHR Certification Criteria Final Rule

The HHS Office of the National Coordinator for Health Information Technology (ONC) has published a notice correcting errors and clarifying provisions of its October 16, 2015 rule that finalized the 2015 edition health...more

CMS Adopts Changes to Medicare & Medicaid EHR Policies

The Centers for Medicare & Medicaid Services (CMS) has published a sweeping final rule with comment period that specifies the requirements that eligible professionals (EPs), eligible hospitals, and critical access hospitals...more

ONC Issues Final Health IT Interoperability Roadmap

The HHS Office of the National Coordinator for Health Information Technology (ONC) has released its final “Roadmap” to promote the secure exchange and use of electronic health information. The document, “Connecting Health and...more

HHS OIG “Reminder” about Information Blocking & the Federal Anti-Kickback Statute

The HHS Office of Inspector General (OIG) recently released a “Policy Reminder” on how “information blocking” — defined by HHS as knowingly and unreasonably interfering with the exchange or use of electronic health...more

OIG Reports Insufficient Oversight Of HIPAA Compliance

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Also In the News - Data, Privacy, & Security Practice Report - October 2015

HHS Publishes Final Federal Health IT Strategic Plan 2015-2020 – On September 21, 2015, the Office of the National Coordinator for Health Information Technology (“ONC”) of HHS laid out the federal government’s final version...more

Cure of Security Rule Violations Following Breach of EPHI Cannot Save Covered Entities from $750,000 Settlement; Non-Breach...

More than three years after the Cancer Care Group, P.C. (“CCG”) notified the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) of a breach of unsecured electronic protected health...more

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

86 Results
|
View per page
Page: of 4
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×