Dept. of Health and Human Services Office of Civil Rights

The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980... more +
The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980 and was renamed The Department of Health and Human Services at that time. HHS is charged with protecting and improving the health of the American population, as well as providing essential services.    less -
News & Analysis as of

WEBINAR: Breach, Enforcement and Beyond: HIPAA Breach Notification Analysis and OCR Enforcement Activities

The Office for Civil Rights of the US Department of Health and Human Services revised the breach notification regulations last year in order to make the analysis of whether a breach occurred more objective. In addition, OCR...more

HIPAA For Lawyers And Law Firms: What you need to know to prevent your law firm from paying MILLION$

For years now lawyers and law firms providing professional services to health care providers or health insurance plans should have had in place essential safeguards to meet the responsibilities and requirements as business...more

Are your HIPAA ducks in a row? The next round of OCR HIPAA audits is approaching

In 2011 the Department of Health and Human Services’ Office for Civil Rights (OCR) established the HIPAA Pilot Audit Program to ensure compliance with HIPAA’s privacy, security and breach notification rules. The first...more

HIPAA Violations Will Soon Be More Expensive

The U.S. Department of Health and Human Services (HHS) intends to use higher fines and a new round of audits to send a strong message to the healthcare industry about complying with the Health Insurance Portability and...more

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

New HIPAA Reports to Congress Shed Light on OCR Enforcement

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued two reports to Congress, as required by the HITECH Act. The compliance report details OCR’s enforcement activities for 2011 and 2012 and...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

HHS Announces $800,000 HIPAA Settlement in Medical Records “Dumping” Case

On June 23, 2014, The Department of Health and Human Services (HHS) entered into an $800,000 settlement with Parkview Health System, Inc. (“Parkview”), a nonprofit community health system servicing northeastern Indiana and...more

HHS Reports to Congress highlight HIPAA Compliance and Breach Activities

On June 11, 2014, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued two reports to Congress summarizing activities in calendar years 2011 and 2012. The Annual Report to Congress on...more

Privacy Wednesday

What’s that old saying … “a day late and a dollar short?” Here is our Privacy Monday roundup … on Wednesday. Office for Civil Rights HIPAA Crackdown? The Office for Civil Rights (OCR) — the enforcement arm of...more

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Stolen Laptops Lead to $2 Million Fine To Settle HIPAA Violations

Lost or stolen unencrypted mobile devices — commonly laptops — are the primary cause of major healthcare data breaches. This unfortunate trend persists, despite warnings from the Office for Civil Rights (OCR) of the U.S....more

Regulatory double jeopardy? FTC enforcement of privacy and security in healthcare

How should health care companies strengthen their HIPAA compliance programs to manage the risk of a potential FTC investigation? While the U.S. Department of Health and Human Services (HHS) Office for Civil Rights...more

HHS OCR Settles Post-Data Breach Investigation for Record $4.8M

On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more

Two Health Care Organizations Pay Largest HIPAA Fine at $4.8 Million Resulting from Unsecured Shared Network

New York-Presbyterian Hospital and Columbia University entered into a settlement with the Department of Health and Human Services’ Office of Civil Rights (OCR) to resolve allegations that the organizations had violated the...more

Server Breach Makes ePHI Accessible on Google, Costs Covered Entities $4.8 Million

It would be pretty unsettling if your patient status, vital signs, medications, and laboratory results were available for the world to see on Google, wouldn’t it? According to recent settlement agreements announced by the...more

Coming Fall 2014: HHS Launches Permanent Audit Program

Beginning in the Fall of 2014, a substantial number of covered entities and business associates will receive a notification and data request from the Health and Human Services' (HHS) Office for Civil Rights (OCR). According...more

Caution: Failure to Conduct a HIPAA Risk Analysis Endangers Your Meaningful Use Incentive Payments

Providers participating in the Medicare and Medicaid Electronic Health Record ("EHR") incentive programs should be mindful that failure to comply with the requirements of the Health Insurance Portability and Accountability...more

Physical Therapy Provider Enters into HIPAA Settlement

U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced yet another enforcement action. Specifically, OCR opened a compliance review of Concentra Health Services (Concentra) upon...more

No More Excuses: Encrypt Your Laptops or Pay Big $

Two companies were hit with fines equaling a total of almost $2 million to settle alleged Health Insurance Portability and Accountability Act (HIPAA) violations involving stolen, unencrypted laptops, the U.S. Department of...more

To Encrypt or Not to Encrypt—A $2 Million Question with a Simple Answer, HHS Says

The Department of Health and Human Services (“HHS”) just announced a pair of settlements arising out of the theft of two laptops containing protected health information (“PHI”). Two entities, Concentra Health Services...more

Free HIPAA Help

Health care providers, health plans, business associates, and other entities affected by the federal HIPAA privacy and security regulations are quickly running out of excuses for not having a robust HIPAA compliance program...more

134 Results
|
View per page
Page: of 6