Dept. of Health and Human Services Health Insurance Portability and Accountability Act

The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980... more +
The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980 and was renamed The Department of Health and Human Services at that time. HHS is charged with protecting and improving the health of the American population, as well as providing essential services.    less -
News & Analysis as of

A New Era of HIPAA Enforcement

Traditionally, HIPAA enforcement is assigned to the Department of Health and Human Services’ Office for Civil Rights (OCR). In November 2013, Health and Human Services’ Office of Inspector General sharply criticized OCR’s...more

Upcoming HIPAA Audits May Target Financial Institutions—Here’s How to Prepare

Much like a tornado watch, the conditions appear to be right for a coming storm: the upcoming Phase 2 HIPAA audits. The Department of Health and Human Services Office for Civil Rights (OCR) has begun verifying contact...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

HHS Solicits Comments on Use of Health Plan Identifier in E-Health Transactions

Today HHS published a request for public comments regarding the health plan identifier (HPID), including the requirements regarding health plan enumeration, and the requirement to use the HPID in electronic health care...more

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

EEOC Proposes Regulatory Clarification on the Application of the ADA to Employer Wellness Program Incentives

Action Item: Employers who already have, or are considering implementing, wellness programs that involve cost-sharing reductions or other financial incentives for participants should carefully review their programs given the...more

New HIPAA Guide to Privacy and Security of Electronic Health Information

The HHS Office of the National Coordinator for Health Information Technology (ONC) recently released Version 2.0 of its Guide to Privacy and Security of Electronic Health Information (Guide)....more

ONC Releases Privacy and Security Guidance Geared Toward Small Providers

The HHS Office of the National Coordinator for Health Information Technology (“ONC”) recently released a new and improved version 2.0 of their Guide to Privacy and Security of Electronic Health Information. This revamped...more

OCR Enforcement of HIPAA Affects Entities of all Sizes Small Pharmacy Enters into Latest Settlement

U.S. Department of Health and Human Services (HHS) announced late last week that Cornell Prescription Pharmacy (Cornell) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996...more

OCR Announces Another HIPAA Settlement and Warns Not to Forget About Paper Records

On April 27, 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy (“Cornell Pharmacy”) had entered into a resolution agreement to settle,...more

HIPAA Rules and Procedures in the Event of a Data Breach, Part Two

My last post focused on the discovery and investigation of a data security breach to determine if breach notification is needed. Today’s post now turns to the requirements of breach notification triggered by a data security...more

OCR Settles Alleged HIPAA Violations with Small, Single Location Pharmacy for $125,000 – Emphases Importance for Secure Disposal...

The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced yesterday a new settlement relating to potential violations of the Health Insurance Portability and Accountability Act of 1996...more

Colorado Compounding Pharmacy Enters Six-Figure Settlement Agreement to Settle Alleged HIPAA Privacy Rule Violations

On April 27, 2015, the U.S. Department of Health and Human Services (HHS) announced that Cornell Prescription Pharmacy (CPP), a single-location pharmacy in the Denver, Colo. metropolitan area, agreed to settle alleged HIPAA...more

HIPAA Rules and Procedures in the Event of a Data Breach, Part One

As discussed in my prior post, recent massive data breaches at major retailers and health insurance providers paint a bleak picture of modern data and emphasize the importance of strong security safeguards and plans for...more

Blog: Colorado Pharmacy Reaches HIPAA Settlement with OCR Following Improper Records Disposal

Yesterday, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy of Denver, Colorado (“Cornell Pharmacy”) has agreed to settle potential violations of...more

HHS releases HIPAA guidance on workplace wellness programs

The Department of Health and Human Services (HHS) recently issued guidance on “HIPAA Privacy and Security and Workplace Wellness Programs.” The guidance helps employers determine whether or not the health information it may...more

Pharmacy Pays $125,000 for Failure to Properly Dispose of Paper Records

Cornell Prescription Pharmacy (“CPP”), a Colorado single-location pharmacy, has agreed to pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights to settle alleged violations of the...more

HIPAA Enforcement Action, Breaches and Pilot Audits

During the HCCA Compliance on Monday, April 20, 2015, Iliana Peters, Senior Advisor for HIPAA Compliance and Enforcement, HHS Office of Civil Rights, presented “Lessons Learned from Recent HIPAA Enforcement Action, Breaches...more

HHS/Office of the National Coordinator issues report that health information sharing is being blocked to gain a competitive edge

In a scathing report released last Friday, the Department of Health and Human Services Office of the National Coordinator (ONC) accused hospitals and software vendors of preventing the sharing of health information in order...more

Healthcare Legal News Volume 5 Number 2

According to a recent study by Accenture, by 2017 approximately 18 percent of the American public will purchase insurance through exchanges versus relying on traditional employer healthcare coverage or foregoing insurance...more

Pharmacies: Watch Out for Future HHS Crackdowns on Security Rule Violations

As we all know by now, HIPAA required the Secretary of the U.S. Department of Health and Human Services (HHS) to adopt regulations protecting the privacy of "protected health information" (PHI). HHS responded to that...more

News from the Health Law Gurus™:

Reporting Deadline for HIPAA Breaches – March 1, 2015 – Did you have a HIPAA breach this year involving less than 500 individuals? If so, the deadline to report such a breach to the U.S. Department of Health and Human...more

HIPAA and “Meaningful Use” Audits: Issues to Consider and How to Prepare

As more and more providers adopt electronic health records (“EHRs”) systems (and with new regulations concerning their required use for purposes of Medicare billing for chronic care management, their popularity can only...more

Also In the News - Data, Privacy, & Security Practice Report - February 2015

OMB Receives Final Rule Permitting Disclosure To NICS --According to reginfo.gov, the White House Office of Management and Budget received a final rule from HHS that would modify the HIPAA Privacy Rule to expressly permit...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

338 Results
|
View per page
Page: of 14

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×