Dept. of Health and Human Services Protected Health Information

The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980... more +
The United States Department of Health and Human Services is a federal executive department established in 1953, as part of the Department of Health, Education and Welfare. The Agency became independent in 1980 and was renamed The Department of Health and Human Services at that time. HHS is charged with protecting and improving the health of the American population, as well as providing essential services.    less -
News & Analysis as of

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

News from the Health Law Gurus™

Chinese Hackers Infiltrate Health System Network Affecting 4.5 Million Individuals – Community Health Systems, Inc. (“CHS”) reported this week that the information of approximately 4.5 million individuals has been affected by...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Medicaid Claims And Health Care Fraud: As The Data Flows, New Cracks Emerge

As we noted in two of our prior posts in the Insider blog, the government has long touted its ability to rely upon data mining as a means of detecting fraud in the federal health care system, and has initiated a host of...more

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

HIPAA Data Breaches

HIPAA has been on the books since 1996. With the advent of electronic health records, HHS adopted security regulations to require covered entities to protect the integrity, confidentiality, and availability of electronic...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

OCR Annual Report Highlights Breaches Of Unsecured Protected Health Information

The Health Information Technology for Economic and Clinical Health Act ("HITECH") requires Covered Entities and Business Associates to provide notification of breaches of unsecured Protected Health Information. The Department...more

$800,000 Medical Records Dumping Settlement: Expensive Reminder that HIPAA Applies to Paper Records, Too

A 2009 incident involving the dumping of 71 boxes of medical records will cost an Indiana-based health system, Parkview Health System, Inc. (“Parkview”), $800,000 for alleged violations of the Health Insurance Portability and...more

HHS Reports to Congress highlight HIPAA Compliance and Breach Activities

On June 11, 2014, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued two reports to Congress summarizing activities in calendar years 2011 and 2012. The Annual Report to Congress on...more

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

Proposed modifications to EHR Incentive Programs

Last year, HHS revised policies and definitions surrounding what constitutes certified EHR technology—required for meaningful use incentive program payment eligibility—from the 2011 Edition criteria to the 2014 Edition...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Stolen Laptops Lead to $2 Million Fine To Settle HIPAA Violations

Lost or stolen unencrypted mobile devices — commonly laptops — are the primary cause of major healthcare data breaches. This unfortunate trend persists, despite warnings from the Office for Civil Rights (OCR) of the U.S....more

Regulatory double jeopardy? FTC enforcement of privacy and security in healthcare

How should health care companies strengthen their HIPAA compliance programs to manage the risk of a potential FTC investigation? While the U.S. Department of Health and Human Services (HHS) Office for Civil Rights...more

HHS OCR Settles Post-Data Breach Investigation for Record $4.8M

On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more

We have seen this movie before ….. and we all should know that it does not end well.

How much is the cost of doing nothing when it comes to encryption of sensitive data? In the case of electronic protected health information, about $2 million. Two companies have been hit with fines equaling a total...more

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

HHS releases Security Risk Assessment Tool to Help Providers with HIPAA Compliance

In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more

HIPAA Security Risk Assessment Tool Released by HHS

HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more

New Resource Available to Providers for HIPAA Security Rule Compliance

On March 28, 2014, the U.S. Department of Health and Human Services (“HHS”) announced the release of a security risk assessment (“SRA”) tool to assist small- to mid-sized providers in conducting risk assessments of their...more

Hospital Executive Indicted for Allegedly Lying about Meaningful Use of Electronic Health Records

A hospital executive was recently indicted for allegedly submitting a false attestation regarding a hospital’s “meaningful use” of electronic health records (“EHR”) technology through the Medicare EHR incentive program. This...more

HHS Releases Guidance On Disclosure Of Mental Health Information Under HIPAA

The HHS Office for Civil Rights issued guidance in question-and-answer format clarifying when a provider may release information regarding a patient’s mental health to family members, friends, law enforcement, and others. The...more

156 Results
|
View per page
Page: of 7