News & Analysis as of

Dept. of Health and Human Services Data Breach

The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980... more +
The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980 and was renamed The Department of Health and Human Services at that time. HHS is charged with protecting and improving the health of the American population, as well as providing essential services.    less -

HHS OCR Resumes HIPAA Enforcement Action Announcements: Four New Settlements and Penalties Totaling More than $5 million in a One...

by Arnall Golden Gregory LLP on

After a pause of nearly two months, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has resumed its announcement of settlements for alleged HIPAA violations, with four new settlement agreements...more

2017 HIPAA Enforcement – Appears Not To Be Slowing Down

by Snell & Wilmer on

To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts. However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of...more

First HIPAA Settlement Involving a Wireless Health Services Provider

by Saul Ewing LLP on

?On April 24, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that CardioNet, Inc. (CNI) agreed to pay $2.5 million and enter into a Corrective Action Plan (CAP) to settle...more

Failure to Implement Business Associate Agreement Results in $31,000 Settlement For Health Care Provider

by Saul Ewing LLP on

On April 20, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Children’s Digestive Health (CDH) agreed to pay HHS $31,000 for its failure to have a business associate...more

Recent HIPAA Privacy and Security Settlements and Lessons Learned

by Perkins Coie on

Although the fate of the Affordable Care Act remains undecided, enforcement of the HIPAA privacy and security regulations by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services is ongoing,...more

DWT Releases Latest Health Care Breach Charts

by Davis Wright Tremaine LLP on

Following the HITECH Act, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued regulations requiring HIPAA covered entities to provide certain notifications for breaches of unsecured...more

$5.5 Million HIPAA Settlement Underscores Importance of Audit Controls

On February 16, 2017, the HHS Office for Civil Rights (OCR) disclosed a $5.5 million settlement with Memorial Healthcare Systems (MHS) for HIPAA violations affecting the protected health information (PHI) of 115,143...more

$5.5 Million HIPAA Settlement Matches Largest Payment To-Date

by Saul Ewing LLP on

On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more

Want to Know Why Memorial Healthcare Systems Is Paying HHS OCR $5.5 Million?

On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more

HIPAA Small Breach Notification Due March 1: “In Like a Lion, Out Like a Lamb” if You Submit Timely

by Davis Wright Tremaine LLP on

March 1, 2017 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more

Lack of Timely Action and Knowledge of Risk Results in $3.2 Million Civil Monetary Penalty for HIPAA Violations

Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more

Key HIPAA Settlement Agreements by HHS’s Office for Civil Rights in 2015 & 2016

by LeClairRyan on

The last time this blog presented an overview of key HIPAA settlement agreements at the Office for Civil Rights in the U.S. Department of Health and Human Services was a review of 2014. The number of complaints that year had...more

What Did They Say About Cybersecurity in 2016? 8 Proclamations from Regulators and the Courts

by Orrick - Trust Anchor on

There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more

Time is Money: HIPAA Enforcement Action for Untimely Breach Notice Settles for $475,000

by Snell & Wilmer on

Many New Year’s Resolutions focus on actions intended to save money and reduce stress. Organizations, especially those in the health care industry, should consider a resolution to review their breach notification procedures...more

HIPAA Breach? Notify Promptly or Face Significant Potential Fines from HHS OCR

by Arnall Golden Gregory LLP on

On January 9, 2017, the Department of Health and Human Services Office of Civil Rights (HHS OCR), which enforces the privacy requirements contained in Health Insurance Portability and Accountability Act (HIPAA), announced a...more

The Price of PHI – A $2.2 Million USB Drive

by Davis Wright Tremaine LLP on

A stolen unencrypted USB drive led to a $2.2 million settlement and a Resolution Agreement. The Department of Health and Human Services Office for Civil Rights (OCR) announced on January 18th a settlement with MAPFRE Life...more

New Hampshire Psychiatric Hospital Patient Records Posted Online by Former Patient

The New Hampshire Department of Health and Human Services has notified up to 15,000 patients of its psychiatric hospital (New Hampshire Hospital) that their names, addresses, Social Security numbers, Medicaid ID numbers and...more

Failure to Timely Notify Results in Enforcement Action and Significant Settlement

by Wilson Elser on

For the first time, on January 9, 2017, the Department of Health and Human Services, Office for Civil Rights (HHS/OCR) settled a HIPAA enforcement action based on the untimely reporting of a breach of unsecured protected...more

Breach of Privacy Prompts Breach of Etiquette: DHHS Sets New Precedent in Privacy Breach Enforcement

by Faegre Baker Daniels on

On January 9, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) took action against a health system for non-timely reporting of a breach of protected health information. It was the first...more

Time is of the Essence When Reporting a Breach of PHI

The failure to timely report a breach of unsecured protected health information (PHI) has cost Presence Health (one of the largest health systems in Illinois) almost half of a million dollars. Earlier this month,...more

Looking Back at the HIPAA Resolution Agreements in 2016

by BakerHostetler on

In 2016, Health and Human Services’ (HHS) Office for Civil Rights (OCR), the enforcement arm for HIPAA, continued robust enforcement efforts. There were 12 reported resolution agreements (RA) in 2016. An RA is a settlement...more

AGG Food and Drug Newsletter - December 2016

by Arnall Golden Gregory LLP on

Arnall Golden Gregory LLP's Food and Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community, including regular updates on legislative initiatives from AGG’s Washington, DC...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

by Arnall Golden Gregory LLP on

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

2016 Health Care Year in Review

by Burr & Forman on

Since I began writing this year-end review in 2013, there have been some common themes – a shift to pay for quality and away from fee-for service, much of which has been brought about by the Affordable Care Act (ACA): efforts...more

OCR Issues Alerts Regarding Phishing Email Disguised as Official OCR Audit Communication

by BakerHostetler on

The HHS Office for Civil Rights (OCR) published an alert on November 28 describing a phishing email being circulated on mock HHS departmental letterhead under the signature of OCR Director Jocelyn Samuels. The email prompts...more

204 Results
|
View per page
Page: of 9
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!