News & Analysis as of

Health Care Providers Office of Civil Rights HIPAA Breach

Ballard Spahr LLP

2024 HIPAA Developments

Ballard Spahr LLP on

Over the course of the past few months, the Office of Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC), both of which are divisions of the U.S. Department of Health and...more

ArentFox Schiff

Providers Face HIPAA Compliance Questions After Change Healthcare Cyberattack

ArentFox Schiff on

Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more

Holland & Knight LLP

HIPAA Breach Notice Can Be Delegated to Change Healthcare

Holland & Knight LLP on

After months of uncertainty and multiple letters from industry associations advocating on behalf of the healthcare industry with the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR), covered...more

Holland & Hart LLP

Avoiding HIPAA Penalties: A Checklist for Covered Entities

Holland & Hart LLP on

The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more

Polsinelli

HHS Finalized Part 2 Revisions: What Has Changed?

Polsinelli on

On February 8, 2024, the U.S. Department of Health and Human Services, through its Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), released final rule (Final Rule)...more

Jackson Lewis P.C.

Downstream Breaches Cause Headaches for Healthcare Providers, as State AG Seeks Law Change to Require AG Notification

Jackson Lewis P.C. on

For healthcare providers and health systems covered by the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), a breach of unsecured protected health information (PHI)...more

Health Care Compliance Association (HCCA)

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Robinson+Cole Data Privacy + Security Insider

HHS Settles with Doctors’ Management Services Over Ransomware Attack

On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health...more

Dorsey & Whitney LLP

HHS OCR Settles HIPAA Investigation with Business Associate for $350,000

Dorsey & Whitney LLP on

Over the past decade, the number of health care data breaches reported to the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has increased dramatically. From 2009 to 2022, over 5,000 data...more

Robinson+Cole Data Privacy + Security Insider

Annual Breach Notification Deadline to OCR Looming

HIPAA requires that covered entities notify the Office for Civil Rights (OCR) of any breaches of unsecured protected health information that affects less than 500 individuals in a calendar year within 60 days following the...more

Arnall Golden Gregory LLP

Reporting Deadline for 2022 Small HIPAA Breaches: March 1, 2023

With 2023 underway, healthcare providers and other “covered entities,” as defined under the Health Insurance Portability and Accountability Act (“HIPAA”), should be mindful of the upcoming annual reporting deadline for small...more

Health Care Compliance Association (HCCA)

[Virtual Event] Richmond Regional Healthcare Compliance Conference - December 9th, 8:25 am - 4:30 pm EST

General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more

Burr & Forman

Cyber Attacks on Health Care Entities Increasing

Burr & Forman on

Cyber-attacks on health care entities are becoming increasingly frequent, and the resulting data breaches are often complex. In the event of a cyber-attack, health care entities and their business associates must adhere to...more

Rivkin Radler LLP

University Health Center Pays $875,000 in HIPAA Fines after Cyber Hack

Rivkin Radler LLP on

Oklahoma State University’s Center for Health Services recently paid $875,000 to settle potential HIPAA violations after a cyberattack resulted in the unauthorized access of its patients’ protected health information. A...more

Robinson+Cole Data Privacy + Security Insider

Reporting of Breaches Under 500 Due by March 1

HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals no later than...more

Robinson+Cole Data Privacy + Security Insider

New Jersey Settles with Cancer Center Over Business Email Compromise

One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more

Morgan Lewis - Health Law Scan

March Fast Break Recap: HIPAA Enforcement Case Analysis – MD Anderson Cancer Center v. OCR

Last month we had an incredibly insightful Fast Break analyzing a significant HIPAA enforcement victory for The University of Texas MD Anderson Cancer Center (MD Anderson) in the US Court of Appeals for the Fifth Circuit. ...more

Faegre Drinker Biddle & Reath LLP

Fifth Circuit Decision Motivates Covered Entities to Appeal Unreasonable Enforcement Outcomes

The United States Court of Appeals for the Fifth Circuit (the “Court”) vacated a $4,348,000 civil monetary penalty (“CMP”) imposed by the U.S. Department of Health and Human Services’ Office for Civil Rights (“HHS-OCR”) in...more

Bricker Graydon LLP

[Webinar] OCR Enforcement Activity: Recent HIPAA Audits & Right of Access Initiative Settlements - March 4th, 12:00 pm - 1:00 pm...

Bricker Graydon LLP on

Health care technology has seen an incredible amount of change over the past twelve months. As health care providers and entities continue to provide patient care in unprecedented times, it is becoming increasingly important...more

Robinson+Cole Health Law Diagnosis

OCR Announces it Will Not Impose HIPAA Penalties for Use of COVID-19 Vaccine Scheduling Apps

The Office of Civil Rights (OCR) issued a notice this week stating that it will not impose penalties for HIPAA non-compliance in connection with a covered entity health care provider’s or business associate’s good faith use...more

Robinson+Cole Data Privacy + Security Insider

Athens Orthopedic Settles with OCR for $1.5M for Data Breach

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more

Robinson+Cole Data Privacy + Security Insider

HIPAA Business Associate Pays $2.3 Million Settlement After Hackers Target PHI of Over 6 Million Individuals

Health care providers and contractors continue to be a popular target for hackers. Recently, CHSPSC LLC (CHSPSC), which provides various services to hospitals and clinics indirectly owned by Community Health Systems, Inc. of...more

Bricker Graydon LLP

OCR announces second-largest HIPAA breach settlement

Bricker Graydon LLP on

On September 25, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced that it reached a settlement with Premera Blue Cross (PBC), a health plan operating in Washington and Alaska,...more

K&L Gates LLP

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

Bradley Arant Boult Cummings LLP

OCR Breach Reporting: 2019 “Small Breach” Report Due Saturday, February 29 - Healthcare Alert

Don’t forget that the required end-of-the-year reporting of any small breaches of unsecured protected health information (PHI) that were discovered in 2019 is coming up. Under the Health Insurance Portability and...more

144 Results
 / 
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide