News & Analysis as of

Department of Health and Human Services (HHS) Data Security Electronic Medical Records

Ballard Spahr LLP

HIPAA Breach Notifications – A Question of Timing

Ballard Spahr LLP on

You are the HIPAA privacy official of a hospital or health plan (a covered entity under HIPAA). You receive an email from a vendor that handles protected health information (a business associate), informing you that one month...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 23, Number 2. ONC’s Tripathi: HIPAA Doesn’t Impede Sharing, Requirements Under Info Blocking...

Report on Patient Privacy Volume 23, no 2 (February 2023) When Micky Tripathi’s mom was recently transferred to a rehab facility to recover from a broken hip, the hospital, “right in front of me…printed off her record,...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 23, Number 1. Privacy Briefs: January 2023

Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more

Epstein Becker & Green

A Guide to Practical, Regulatory, and Reputational Risk Management

Ransomware Particularly Inflicts Health Care and Life Sciences Organizations - Ransomware is a malicious cyber threat vector that employs encryption malware to prevent users from accessing their systems and data unless...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 20, Number 11. Privacy Briefs: November 2020

Report on Patient Privacy 20, no. 11 (November 2020) - HHS Office of the National Coordinator (ONC) for Health Information Technology (ONC) is giving health care organizations more time to meet new rules on information...more

Foley & Lardner LLP

COVID-19: HHS Permits Business Associates to Use and Disclose PHI for Public Health and Health Oversight Purposes Without Amending...

Foley & Lardner LLP on

The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more

Saul Ewing LLP

Solo Practitioner Agrees to $100,000 Settlement for HIPAA Security Rule Violations

Saul Ewing LLP on

On March 3, 2020, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announced a $100,000 settlement and corrective action plan with Steven A. Porter, M.D. to resolve potential...more

Robinson+Cole Health Law Diagnosis

Texas Health and Human Services Fined $1.6 Million for HIPAA Violations

The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more

Faegre Drinker Biddle & Reath LLP

Business Associate Failed to Safeguard 3.5 Million Patients’ Medical Records

Medical Informatics Engineering, Inc. and its wholly-owned subsidiaries (MIE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS-OCR) entered into a $100,000 settlement and two-year...more

Robinson+Cole Health Law Diagnosis

HHS Releases Health Care Industry Cybersecurity Task Force Report

Last week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task...more

Bass, Berry & Sims PLC

HHS Modifies Drug and Alcohol Abuse Confidentiality Regulations, Proposes Additional Revisions

Bass, Berry & Sims PLC on

On January 18, 2017, the U.S. Department of Health and Human Services, Substance Abuse and Mental Health Services Administration (SAMHSA) released a final rule (the Final Rule) modifying the federal regulations governing the...more

Ballard Spahr LLP

Beware of Phishing Email Disguised as Official OCR Audit Communication

Ballard Spahr LLP on

The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has posted an alert (and a follow-up alert) warning health plans, health care providers, and their vendors of a mock communication...more

BakerHostetler

Cloud Service Providers Beware, You May Be Subject to HIPAA Without Knowing It

BakerHostetler on

The use of cloud service providers has exploded in the past several years. According to estimates from Gartner, the market for cloud services is expected to reach $204 billion in 2016. But the use of cloud service providers...more

Ballard Spahr LLP

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

Ballard Spahr LLP on

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

King & Spalding

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Orrick, Herrington & Sutcliffe LLP

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

Seyfarth Shaw LLP

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

Seyfarth Shaw LLP on

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

Robinson+Cole Data Privacy + Security Insider

OCR settlement reiterates importance of proactive security rule compliance

On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve...more

Orrick, Herrington & Sutcliffe LLP

Policyholder Insider Quarterly

Five Lessons Health Care Companies Should Learn From Cyberattacks - The American health care industry is under attack by sophisticated hackers seeking access to electronic medical records. Since January, three health...more

McGuireWoods LLP

Hospital’s Cloud-Based Document-Sharing Practices Lead to $218,400 HIPAA Settlement

McGuireWoods LLP on

On July 10, 2015, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced a substantial settlement with St. Elizabeth’s Medical Center (SEMC). Under the terms of the settlement, the hospital...more

21 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide