News & Analysis as of

HIPAA in the Time of Ebola

Ebola has recently been the source of much concern, and health care providers and hospitals are taking steps to prepare themselves for the possibility of treating patients with Ebola. In addition to all of the medical...more

Ebola or Not, Patient Privacy Must Be Protected: Office for Civil Rights Issues Bulletin on HIPAA Requirements in Emergency...

In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued a new bulletin reminding HIPAA-covered entities and their business associates that the...more

HHS OIG Announces Information Security Initiatives in 2015 Work Plan

The 2015 Work Plan of the U.S. Department of Health and Human Services Office of Inspector General (“OIG”) posted on Friday, October 31, 2014, includes initiatives focused on testing information security controls related to...more

Blog: Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach...more

A Halloween "Treat" - CMS Announces Indefinite Delay in Enforcement of Health Plan Identifier (HPID) Requirements, Including the...

The Health Plan Identifier (“HPID”) is a standard, unique health plan identifier required by the Health Insurance Portability & Accountability Act of 1996 (“HIPAA”). On September 5, 2012, the Department of Health and Human...more

Ebola Information Quarantine: Balancing Patient Privacy With Public Health

Of all the complex legal issues raised by the recent cases of Ebola in the U.S., those concerning the delicate balance between preserving patients’ privacy rights and the need to disseminate information to protect public...more

REMINDER: HPID Deadline is November 5th

The U.S. Department of Health and Human Services (HHS) is requiring all self-insured health plans to obtain a Health Plan Identifier number (HPID) as part of its compliance efforts under the Health Insurance Portability and...more

Deadline Approaching to Secure Health Plan Identifier (“HPID”)

Certain group health plans are required to obtain a 10-digit Health Plan Identifier ("HPID") from the Center for Medicare and Medicaid Services ("CMS") by November 5, 2014. Currently various users of the health care system...more

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

mHealth Technology – Development in an Uncertain Regulatory Climate

The development and use of mobile technologies and devices is expanding at an incredibly fast pace and is changing, and in fact revolutionizing, the way patients and healthcare providers interact. Mobile medical technologies...more

‘Health Care’-Related Calls: Ambiguity at the Intersection of HIPAA and TCPA

The Federal Communications Commission (FCC) has established exemptions from certain requirements of the Telephone Consumer Protection Act (TCPA) for health care messages regulated under the Health Insurance Portability and...more

Recent 11th Circuit Cases Provide Important HIPAA Guidance - Healthcare Providers Should Be Proactive by Reviewing Their HIPAA...

On Oct. 10, 2014, the 11th Circuit opinion in Murphy v. Dulay provides significant guidance regarding HIPAA authorization forms. One of the most important provisions of the opinion focuses on the fact that HIPAA...more

HITECH Act Assures Meaningful Use & Care Coordination…For Some

The passage of the ARRA HITECH Act in 2009 fostered significant advancements in patient engagement and care coordination by incentivizing primarily physical health providers and acute care hospitals to make smarter use of...more

Ex Parte Communications between Treating Physician and Attorneys

Under HIPAA, physicians are permitted to disclose “protected health information” to their attorneys for purposes of their own healthcare operations. This allows physicians sued by patients for malpractice to provide their...more

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

Starting Oct. 6, Patients Can Access Test Reports Directly From Clinical Laboratories

On Oct. 6, 2014, a final rule issued jointly by the Centers for Medicare & Medicaid Services (CMS), Centers for Disease Control and Prevention (CDC), and Office for Civil Rights (OCR) will require all HIPAA-covered labs...more

“Access Denied” – Understand How Your Electronic Health Records Are Controlled

Earlier this week, my colleague Dianne Bourque commented on a small medical practice’s inability to access its patients’ medical records one July day after its EHR vendor blocked the practice from pulling the data stored in...more

Lawmakers Call to Clarify HHS’ Mobile Medical App Regulation

The mobile medical application marketplace has developed into a $68 billion industry; however, the U.S. Department of Health and Human Services (HHS) has not yet updated guidance regarding the Health Insurance Portability and...more

Business Associate Agreement September 22 Deadline; Same Sex Marriage Guidance Released

There are two important updates with respect to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). First, on September 17, 2014, the U.S. Department of Health and Human Services (HHS) issued guidance to...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Healthcare Legal News: Volume 4, Number 3 - Special Issue: HIPAA Update

Recent Trends in HIPAA Liability - Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including...more

Deadline to Update Business Associate Agreements for HIPAA is Approaching

The deadline for updating your health plan’s existing business associate agreements is rapidly approaching. The final regulations issued on January 25, 2013 under the Health Insurance Portability and Accountability Act...more

OCR Reveals Information about Upcoming HIPAA Audits

At the Healthcare Information and Management Systems Society (“HIMSS”) Privacy and Security Forum this week, health information privacy senior advisor for the Office for Civil Rights (“OCR”) Linda Sanches revealed certain...more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Business Associate Agreements May Require Amendment

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

223 Results
|
View per page
Page: of 9