News & Analysis as of

Blog: OCR Rep Discusses HIPAA Violations, Enforcement Actions, and Upcoming Audit Program

Last week, the National Institute of Standards and Technology (“NIST”), in conjunction with the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”), hosted a conference entitled “Safeguarding Health...more

WEBINAR: Breach, Enforcement and Beyond: HIPAA Breach Notification Analysis and OCR Enforcement Activities

The Office for Civil Rights of the US Department of Health and Human Services revised the breach notification regulations last year in order to make the analysis of whether a breach occurred more objective. In addition, OCR...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

New Data Disposal Law in Delaware Requires Action by Impacted Businesses

While the federal government continues its inaction on data security bills pending in Congress, some U.S. states have been busy at work on this issue over the summer. A new Delaware law H.B. 295, signed into law on July 1,...more

HIPAA Violations Will Soon Be More Expensive

The U.S. Department of Health and Human Services (HHS) intends to use higher fines and a new round of audits to send a strong message to the healthcare industry about complying with the Health Insurance Portability and...more

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

No Judicial Review of FTC Jurisdiction until the Agency Takes a Final Action

Companies that handle personal data may need to litigate an FTC enforcement action to its conclusion before a court will review the Commission's jurisdiction to commence the enforcement action in the first place....more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action. Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

Paying the Price: Physician Group Faces Hefty Penalty and OCR Oversight After Failure to Conduct Security Risk Assessment and...

What you need to know: The Office for Civil Rights of the US Department of Health & Human Services is continuing its trend toward more aggressive enforcement of HIPAA violations. Small provider entities are not immune...more

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

New HIPAA Omnibus Regulations – What Employers Who Sponsor Group Health Plans Need to Know to Comply

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

10 Fraud and Abuse Enforcement Trends You Can't Afford to Ignore in 2013

To paraphrase a famous quote, "Those who do not learn from history are doomed to repeat it," and providers who ignore the significance of the federal government's healthcare fraud enforcements efforts in 2012 do so at their...more

Infobytes - A Weekly In-depth review of news & developments in the financial services industry - January 18, 2013

In This Issue: - FEDERAL ISSUES - STATE ISSUES - COURTS - FIRM NEWS - FIRM PUBLICATIONS - MORTGAGES - BANKING - CONSUMER FINANCE - E-COMMERCE - PRIVACY/DATA SECURITY - PAYMENTS -...more

Brace for Impact – Final HITECH Rules Will Require Substantially More Breach Reporting

HHS has finally issued its omnibus HITECH Rules. Our firm will issue a comprehensive summary of the rules shortly, but of immediate import is the change to the breach reporting harm threshold. The modification will make it...more

CMS Announces 90-Day Grace Period for Compliance with Eligibility and Claim Status Operating Rules Under HIPAA

CMS’s Office of E-Health Standards and Services (OESS) has announced on January 2, 2013, that it will not initiate any enforcement action prior to March 31, 2013, with respect to HIPAA covered entities’ compliance with...more

17 Results
|
View per page
Page: of 1