News & Analysis as of

Newest Ponemon study released on health care data breaches

The Ponemon Institute has recently released its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. The study has included business associates for the past two years. The study included information received...more

Recent Settlements and Upcoming Audits Highlight the Continuing Need to Focus on Core HIPAA Compliance Measures

Recent settlements and initiatives conducted by the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services highlight the continuing need for focus on compliance with the privacy and security...more

Tennessee Enacts Changes to Data Breach Statute

Businesses in the State of Tennessee should take note of several significant changes to Tennessee's data breach statute that take effect for data breaches occurring on or after July 1, 2016. Currently, Tennessee Code...more

Joint Commission lifts ban on physicians texting patient orders

The Joint Commission, which is the national accrediting organization for health care organizations, has long banned physicians using text messages to place orders for patient care due to data security concerns. In 2011, the...more

Negotiating Software Agreements – Key Terms For Electronic Health Records

Healthcare providers (Providers) rely on third party vendors for providing Electronic Health Record (EHR) software services. Due to the amount of protected health information Providers store in these software services, and...more

Phase 2 of the OCR HIPAA Audit Program Already Underway

On March 21, 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced the launch of the long-awaited Phase 2 HIPAA Audit Program (Phase 2), and OCR activities related to Phase 2 are already...more

Maintaining Patient Privacy In The Digital Age

Those in the heavily regulated healthcare industry know that patient information is sacrosanct. And for good reason; improper handling can result in hefty fines or criminal prosecution under the Health Insurance Portability...more

Raleigh Orthopedic Clinic settles with OCR for $750,000 for lack of business associate agreement

Consistent with the settlement the OCR agreed to with North Memorial Health Care of Minnesota, the Office for Civil Rights has settled its investigation of Raleigh Orthopaedic Clinic, P.A. (Raleigh Orthopaedic) for $750,000....more

Top Tips for OCR HIPAA Audit Preparation

The recently announced OCR HIPAA audits are not a cause for panic, according to experts, especially of organizations have proper documentation. With the most recent round of OCR HIPAA audits announced just last month,...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Not a Check-the-Box Exercise: Failure to Have Signed BAA Results in Substantial Fine

A group practice that was the victim of a silver-harvesting scam has agreed to pay the U.S. Department of Health and Human Services (“HHS”) $750,000 to settle charges that it released protected health information (“PHI”) of...more

OCR issues audit protocol and targets over 800 entities—business associates too

The Office for Civil Rights (OCR) has issued its revamped audit protocol for its second phase of auditing covered entities and business associates’ compliance with the HIPAA Privacy, Security and Breach Notification Rules....more

Der Markteintritt für deutsche IT Firmen aus dem Bereich des Gesundheitswesens

With expenditures of over $ 3 trillion of market in the field of health care in the United States is huge. Incentives of the Federal Government for the introduction of electronic medical records resulted increasingly in the...more

Ransomware Cuts Deep, in Life & in Coverage

1. Beyond Breaches - With ransomware, cybersecurity in healthcare has gone far beyond HIPAA compliance, breaches of PHI or identity theft. For the unprepared healthcare provider not able to prevent ransomware or...more

Ex-Husband's Revenge Leads to HHS Trophy

Patient care is not confined to a single office or exam room, or a single physician or other provider. Caring for patients these days now includes complex coordination among physicians, nurse, technicians, staff, management,...more

Appeals Court Confirms that HITECH Violations Do Not Violate FCA

In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator's claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives...more

A New Tool for Health App Developers to Navigate a Crowded Regulatory Field

As regulators seek to define their authority and the scope of their enforcement power, more health apps will continue to flood the marketplace and transform how patients are treated. As mobile health applications...more

Prepare for the Unexpected with Data Storage and Retrieval

Last week, a federal court in Illinois encountered another example of unexpected events causing problematic privacy and data storage implications for a healthcare company. The non-profit organization responsible for...more

HIPAA Audits Coming Your Way – Are You Ready?

The Office of Civil Rights (OCR) of the Department of Health and Human Services has begun Phase 2 of its audit program under the Health Insurance Portability and Accountability Act (HIPAA). In this phase, OCR will: -...more

FTC Releases Mobile Health Apps Interactive Tool

Consider this: A 42-year-old man arrives at the emergency room showing signs of a heart attack. The ER doctors, using the patient’s activity tracker—in this case, a Fitbit® —are able to pinpoint when the patient’s normal...more

Shhh….OCR Releases New HIPAA Audit Protocol

Just in time for the Phase 2 audits, the Department of Health and Human Services Office for Civil Rights (OCR) quietly posted the updated HIPAA Audit Protocol on its website. The new audit protocol has been updated to include...more

FTC, ONC, OCR and FDA release online tool for mobile health app developers

While attending the International Association of Privacy Professionals annual global event, and listening to Chairwoman Edith Ramirez discuss the Federal Trade Commission’s (FTC) concerns about consumer privacy, the FTC, the...more

OCR Announces Beginning of 2016 HIPAA Phase 2 Audit Program

The OCR recently announced the beginning of the next phase of the HIPAA Privacy, Security, and Breach Notification Audit Program and indicated that it will review the policies and procedures implemented by covered entities...more

HIPAA Phase 2 Audits Begin: What Are The Risks?

On March 21st, OCR1 commenced Phase 2 of its HIPAA2 Audit Program. OCR will audit health plans, hospitals, physician groups and other healthcare entities for compliance with HIPAA’s Privacy, Security and Breach Notification...more

One Week, $5.45 Million in Resolution Agreements for HIPAA Violations

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) continued its run of resolution agreements for HIPAA violations, pulling in $5.45 million from just two entities, North Memorial Health Care of...more

187 Results
|
View per page
Page: of 8
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×