Health Care Providers Office of Civil Rights

News & Analysis as of

HIPAA Checkup – How Good Are Your Policies and Procedures?

Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more

2017 HIMSS Conference Insights

Members of Arnall Golden Gregory LLP's Healthcare Information Technology team attended the 2017 HIMSS Conference February 19-23 in Orlando, FL. Hundreds of innovative companies and 40,000+ technology professionals took part...more

OCR’s Latest Health Breach Investigations Yield Big Settlements

In a span of a few weeks in early January 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced two major settlements under the Health Insurance Portability and Accountability Act...more

2017 HIPAA Enforcement: Year to Date Lessons

With the announcements from OCR of three resolution agreements and one civil money penalty as of mid-February, OCR is off to a record start for HIPAA enforcement in 2017, with double the announcements as the same time last...more

Charging for Medical Records Can Cost You

Health care providers often are unaware of federal laws that regulate the process by which they charge patients for copies of medical records. Many providers incorrectly assume that only the law of the state in which the...more

Report Summarizes Healthcare Data Breaches in January 2017

Health care data breaches are not slowing. According to a report issued by Protenus, in conjunction with www.databreaches.net, the summary of healthcare data breaches in 2017 continues where 2016 left off. In January...more

Lessons Gleaned From Recent HIPAA Settlements: An Ounce of Prevention is Worth a Pound of Cure: How Recent OCR Enforcement...

HIPAA enforcement has been on the rise during the last several years, and the dollar impact of those settlements has continued to grow significantly. The Department of Health and Human Services, Office of Civil Rights (OCR)...more

Report Lists Health Care Data Breaches by State

A new report issued by Safetica USA has organized data breaches affecting over 500 individuals that were self-reported to the Office for Civil Rights (OCR) in 2016 into a list by state and records exposed....more

$5.5 Million HIPAA Settlement Matches Largest Payment To-Date

On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more

Technical Noncompliance with HIPAA Can Lead to Big Penalties

As discussed in prior client alerts, the Office of Civil Rights (OCR), the agency charged with HIPAA enforcement, has increased HIPAA compliance initiatives in recent months and is poised to continue its enforcement...more

To Settle or Not to Settle – That Is the Question Raised by Recent HIPAA CMPs

On February 1, 2017, the Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that the Children’s Medical Center of Dallas (“Children’s”) has paid a civil monetary penalty (“CMP”) of $3.2 million...more

TortSource: Ransomware: A Reportable Breach?

In the past several years, a huge increase has occurred in the number of electronic attacks in the United States using ransomware, a form of malware that targets and encrypts critical data and systems for the purpose of...more

HIPAA Enforcement Update (October 2016 – January 2017)

Since October 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced four settlement agreements to resolve allegations of Health Insurance Portability and Accountability Act (HIPAA)...more

HIPAA Small Breach Notification Due March 1: “In Like a Lion, Out Like a Lamb” if You Submit Timely

March 1, 2017 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more

Lack of Timely Action and Knowledge of Risk Results in $3.2 Million Civil Monetary Penalty for HIPAA Violations

Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more

Children’s Medical Center of Dallas Clobbered by OCR

In a rare move by the OCR, it assessed a $3.2 million fine against Children’s Medical Center of Dallas (Children’s) after it issued a Notice of Proposed Determination against Children’s and Children’s failed to request a...more

Key HIPAA Settlement Agreements by HHS’s Office for Civil Rights in 2015 & 2016

The last time this blog presented an overview of key HIPAA settlement agreements at the Office for Civil Rights in the U.S. Department of Health and Human Services was a review of 2014. The number of complaints that year had...more

Heightened Importance for March 1, 2017 HIPAA Small Breach Reporting Deadline

With OCR’s recent announcement of its first enforcement action for lack of timely breach notification and its increased focus on small breaches, the upcoming annual reporting deadline for small breaches takes on increased...more

2016 – Health Law Year in Review

We are pleased to present our annual review of developments in the field of health law. The year was marked by key changes in False Claims Act jurisprudence and Medicare payment policy. 2016 also brought with it focused...more

The Price of PHI – A $2.2 Million USB Drive

A stolen unencrypted USB drive led to a $2.2 million settlement and a Resolution Agreement. The Department of Health and Human Services Office for Civil Rights (OCR) announced on January 18th a settlement with MAPFRE Life...more

Health Care Group News: OCR Releases New Clarifying Guidance In Response To Orlando Pulse Nightclub Attack

In an emergency, when there is a flurry of activity in a hospital, covered entities often struggle with who they are permitted to release patient information to under HIPAA. On January 11, 2017, the Department of Health and...more

Federal Court Enjoins Part of ACA Final Non-Discrimination Rule

On December 31, 2016, the U.S. District Court for the Northern District of Texas issued a nationwide injunction in Franciscan Alliance, Inc. v. Burwell, N.D. Tex., No. 16-cv-108, holding that portions of the final rule issued...more

Breach of Privacy Prompts Breach of Etiquette: DHHS Sets New Precedent in Privacy Breach Enforcement

On January 9, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) took action against a health system for non-timely reporting of a breach of protected health information. It was the first...more

Three-Month Delay Means Health Network Must Pay

A delay in reporting a HIPAA violation can result in a significant monetary penalty. That was the message sent by the Office for Civil Rights (OCR), which recently announced the first HIPAA settlement based on the untimely...more

Healthcare Provider Obligations For Individuals With Limited English Proficiency

This summer I wrote about the dangers of English-only policies in this age of multiculturalism. These policies tend to emerge more frequently in the healthcare workplace, the reason being – the provision of quality care is...more

169 Results
|
View per page
Page: of 7
Cybersecurity

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×