News & Analysis as of

UPDATE: Got Data? Actual Harm Not Required for FTC Enforcement Action for Lax Security Measures

As anticipated, things are getting even more exciting with the case previously covered in Password Protected. Specifically, LabMD is appealing the landmark data security case between it and the Federal Trade Commission...more

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

Corporate Investigations and White Collar Defense - August 2016

Spotlight on the False Claims Act - Why it matters: This month, we review a recent Ninth Circuit case that allowed a qui tam relator’s action against various Medicare Advantage organizations to proceed, holding that the...more

OCR: No privacy breach is too small

The Office for Civil Rights (OCR) HIPAA enforcement efforts are continuing to increase. This year, the OCR has already announced 10 HIPAA enforcement actions involving fines, which is a 67 percent increase from last year and...more

OCR to Focus More Investigative Resources on Smaller HIPAA Breaches with Less Than 500 Individuals Affected

The Department of Health & Human Services (DHHS) Office of Civil Rights (OCR) recently announced it will devote more resources to investigate smaller HIPAA breaches. Before this announcement, OCR typically opened...more

Client Alert: OCR Blitzkrieg: Wider Investigation of Smaller Breaches

On the heels of its first business associate settlement with a business associate and a hat trick of multi-million dollar settlements with covered entities involving electronic Protected Health Information (“PHI”), on August...more

Got Data? Actual Harm Not Required for FTC Enforcement Action for Lax Security Measures

While much of Washington, D.C. is enjoying the slow and hazy days of summer, the Federal Trade Commission (FTC) is staying busy solidifying its presence as the go-to authority for data security. Most recently, on July 29,...more

Lessons for Businesses from FTC’s Opinion on LabMD’s Data Security Practices

The Federal Trade Commission (FTC) has issued an Opinion and Final Order finding that the data security practices of LabMD, Inc. were unreasonable, and therefore constituted an unfair act or practice in violation of Section 5...more

FTC Overrules LabMD Dismissal, Finds Unfair Data Security Practices

The FTC issued an Opinion and Final Order reversing the previously dismissed charges against LabMD on July 29. FTC Administrative Law Judge (ALJ) D. Michael Chappell had dismissed the case against LabMD on November 13, 2015...more

Client Alert: The Government Enters into Largest HIPAA Settlement to Date; What HIPAA Covered Entities and Business Associates...

Advocate Health Care Network, which operates 12 hospitals and more than 200 other treatment centers in Chicago and central Illinois, has agreed to the largest settlement to date with the Office for Civil Rights (“OCR”) for...more

Alert: FTC Commissioners Find LabMD's Failure to Implement Data Security Practices "Unfair"

On July 29, 2016, the Federal Trade Commission (FTC or Commission) announced its long-awaited decision in its LabMD enforcement action. The Commissioners reversed the decision of an Administrative Law Judge (ALJ) and held...more

HIPAA Wake-Up Call for Financial Institutions: First HIPAA Settlement with Business Associate

It’s a HIPAA first. A business associate has settled a direct enforcement action over allegations that it potentially violated the Health Insurance Portability and Accountability Act (HIPAA). This settlement portends future...more

OCR’s Recent $2.7 Million Settlement with Oregon Health & Science University Highlights the Importance of HIPAA Compliance...

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Oregon Health & Science University (OHSU) recently entered into a resolution agreement to settle potential violations of HIPAA’s Privacy and...more

Prevailing in an Era of Regulatory Enforcement – Balancing Risk and Compliance [Expect Focus – Vol. II, July 2016]

IN THE SPOTLIGHT - - SEC Sanctions Unregistered EB-5 Investments Broker SECURITIES - - FINRA to Assess Member Firms’ Culture - SEC Seeks Fund Responses to Distribution-In-Guise Guidance...more

OCR Announces First HIPAA Enforcement Action against a Business Associate

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

Client Alert - The Government Makes a Business Associate Pay: What HIPAA Covered Entities and Business Associates Can Learn from...

The government has entered into its first settlement with a HIPAA business associate, including a $650,000.00 monetary penalty, ushering in a new period of enforcement for third parties who use Protected Health Information...more

[Event] HIPAA Compliance: The Current Audit and Enforcement Environment - August 4th, Richmond, VA

Featuring Iliana L. Peters, J.D., LL.M., Senior Advisor for HIPAA Compliance and Enforcement at the HHS Office for Civil Rights, and Members of Williams Mullen’s Health Care Practice...more

Two Additional HIPAA Settlements Demonstrate Breadth of HIPAA Enforcement Activity

During the week of April 18, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced two significant settlements with a large New York City hospital and a North Carolina orthopaedic...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

NY Hospital to Pay $2.2 Million for Allowing TV Crew to Videotape Dying Patient

On the ABC television series “NY Med,” doctors from New York-Presbyterian Hospital (NYP) are profiled as they perform medical procedures. However, in an effort to keep it “real,” the show’s crew has landed the hospital in hot...more

OCR for the Win: Lincare, Inc. HIPAA Enforcement Action

For the second time in history, on January 13, 2016, an Administrative Law Judge (ALJ) upheld the imposition of civil money penalties charged against a covered entity by the Office of Civil Rights in the Department of Health...more

FTC’s Proposed Settlement with Dental Practice Software Provider Marks Latest Data Security Action Against a Product Supplier

On January 5, the Federal Trade Commission (“FTC”) reached an agreement with Henry Schein Practice Solutions, Inc. (“HSPS”) to settle allegations that HSPS misrepresented that its dental practice software provided...more

OCR Continues Waving Its HIPAA Enforcement Flag: Don’t Forget About Medical Devices

The day before Thanksgiving, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the largest resolution agreement of 2015, against Lahey Hospital and Medical Center (Lahey). The...more

OIG Pushes OCR to Step Up HIPAA Enforcement

In two recent reports, each with a specific focus, the OIG strongly recommended that the Office for Civil Rights (OCR) step up its HIPAA oversight and enforcement activities. One report assessed the OCR’s oversight of covered...more

OCR Launches Platform for Developer HIPAA Questions

The HHS Office for Civil Rights (OCR) has released a new platform to provide mobile health developers (and any other interested stakeholders) a sounding board to ask questions, voice concerns, and “spitball” ideas about HIPAA...more

63 Results
|
View per page
Page: of 3
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×