Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

Health Care E-Note - January 2017

On October 4, 2016, The Centers for Medicare and Medicaid Services ("CMS") released the final rules regarding the requirements of participation for skilled nursing facilities. One of the most significant changes to the...more

Do Routine Calls by Health Plans to Patients and Health Plan Members Constitute “Telemarketing” Under the Telephone Consumer...

Covered entities have a long list of laws and regulations governing their conduct, including their communications with patients, customers, and members. Specifically, the Health Insurance Portability and Accountability Act...more

Vendor Causes Breach of Over 5,000 Patient Records

The continued risk that vendors pose to companies, including health care entities cannot be overemphasized. This week, Sentara Healthcare (Sentara) announced that one of its third-party vendors was the victim of a...more

Health Care Group News: OCR Releases New Clarifying Guidance In Response To Orlando Pulse Nightclub Attack

In an emergency, when there is a flurry of activity in a hospital, covered entities often struggle with who they are permitted to release patient information to under HIPAA. On January 11, 2017, the Department of Health and...more

Enough is Enough: Court Dismisses TCPA Class Action Against A Health Plan That Placed Reminder Calls To Its Members That They...

Plaintiffs across the country have continued to file class actions against companies of all stripe for violation of the Telephone Consumer Protection Act (“TCPA”), often for communications far afield from the classic...more

“Primed” to Read about Data Privacy? The Sedona Conference Has a New Primer for You: eDiscovery Best Practices

The proliferation of data in our society today makes the task of protecting sensitive and private data more challenging than ever. Without a doubt, privacy and data protection laws have evolved quite a bit over the past...more

Bullet Points on a Primer: The Quick Version of the Sedona Conference’s Data Privacy Primer

The Sedona Conference has just published the public comment version of its Data Privact Primer, a publication of its very active Working Group on Data Security and Privacy Libaility. The primer is excellent. ...more

Patient Records Requests: What You Need to Know [Video]

Our guest on Healthcare Matters is Richard J. Rymond, an attorney at Reminger Co., LPA, who specializes in in medical, dental and other forms of professional, commercial and general liability. He is the Dental Liability...more

Time Waits for No One: OCR Announces First HIPAA Settlement for Lack of Timely Breach Notification

On Jan. 9, 2017, the Department of Health and Human Services Office for Civil Rights (“OCR”) announced the first HIPAA enforcement action for failure to timely report a breach. Often investigating and making formal...more

New Hampshire Psychiatric Hospital Patient Records Posted Online by Former Patient

The New Hampshire Department of Health and Human Services has notified up to 15,000 patients of its psychiatric hospital (New Hampshire Hospital) that their names, addresses, Social Security numbers, Medicaid ID numbers and...more

Failure to Timely Notify Results in Enforcement Action and Significant Settlement

For the first time, on January 9, 2017, the Department of Health and Human Services, Office for Civil Rights (HHS/OCR) settled a HIPAA enforcement action based on the untimely reporting of a breach of unsecured protected...more

Breach of Privacy Prompts Breach of Etiquette: DHHS Sets New Precedent in Privacy Breach Enforcement

On January 9, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) took action against a health system for non-timely reporting of a breach of protected health information. It was the first...more

EEOC issues guidance on new wellness notice mandated for 2017

Effective as of the first day of the plan year that began on January 1, 2017, or after, employers maintaining wellness programs that collect employee health information must satisfy a new notice requirement. The EEOC has...more

Guidelines for De-Identification, Anonymization, and Pseudonymization

De-identification of data refers to the process used to prevent personal identifiers from being connected with information. The FTC indicated in its 2012 report Protecting Consumer Privacy in an Era of Rapid Change:...more

Time is of the Essence When Reporting a Breach of PHI

The failure to timely report a breach of unsecured protected health information (PHI) has cost Presence Health (one of the largest health systems in Illinois) almost half of a million dollars. Earlier this month,...more

2017 Health Information Privacy and Security New Year’s Resolutions

To start off the New Year, here are some potential health information privacy and security resolutions. You can use these Annual, Quarterly, and Monthly lists to map out your privacy and security tasks for the year, and then...more

Three-Month Delay Means Health Network Must Pay

A delay in reporting a HIPAA violation can result in a significant monetary penalty. That was the message sent by the Office for Civil Rights (OCR), which recently announced the first HIPAA settlement based on the untimely...more

Court Rejects AARP’s Request to Block EEOC’s Final Wellness Rules -- Wellness Rules Took Effect as Scheduled on January 1, 2017

The Equal Employment Opportunity Commission (EEOC) recently issued final regulations under the American with Disabilities Act (ADA) and Genetic Information Nondiscrimination Act (GINA) with respect to employer-wellness...more

Looking Back at the HIPAA Resolution Agreements in 2016

In 2016, Health and Human Services’ (HHS) Office for Civil Rights (OCR), the enforcement arm for HIPAA, continued robust enforcement efforts. There were 12 reported resolution agreements (RA) in 2016. An RA is a settlement...more

Health Care Institutions

Originally published in Haig, Business and Commercial Litigation in Federal Courts, Fourth Edition §§ 87:1 et seq. © 2016 American Bar Association. This chapter discusses federal court litigation relating to health care...more

Top Ten Education Developments, Breaches, and Settlements of 2016

This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of...more

The Future of the ACA Week 4: The Ryan Plan, “A Better Way”

The recent Republican election victories appear to ensure that the Affordable Care Act’s (ACA) days are numbered. But with nearly a fifth of the U.S. economy, and the health care coverage for some tens of millions of U.S....more

New ACA FAQs - Special Enrollment, Women’s Preventive Care and a Cure for the HRA that Ails You (If You’re Small Enough)

In the latest round of FAQs on ACA implementation (now up to 35 if you’re keeping track), the DOL, HHS and Treasury Department addressed questions regarding HIPAA special enrollment rights, ACA coverage for preventive...more

OCR’s 2016 Ransomware ‘Guidance’: A Health Care Provider’s New Best Friend?

Background on Ransomware Attacks - Doomsday-esque ransomware scenarios are having an increasing impact on the health care industry, becoming commonplace in 2016. Security experts and the media have reported that health...more

Do You Know Where Your Data Is Located? Why Knowing is Half the Battle

Whether you realize it or not, you are probably storing some personal or business data in the cloud. The National Institute of Standards and Technology (NIST) defines cloud computing as a model for enabling ubiquitous,...more

1,718 Results
|
View per page
Page: of 69
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×