News & Analysis as of

HIPAA Breach Personally Identifiable Information

Ballard Spahr LLP

2024 HIPAA Developments

Ballard Spahr LLP on

Over the course of the past few months, the Office of Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC), both of which are divisions of the U.S. Department of Health and...more

Robinson+Cole Data Privacy + Security Insider

Reporting of Breaches Under 500 Due by March 1

HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals no later than...more

Pullman & Comley - Connecticut Health Law

Vox Article on Vulnerabilities of COVID-19 Testing Registration System Serves as Reminder of the Dangers of Tracking Tech on HIPAA...

In 2018, we published an article on Walgreens’ use of session replay scripts and how such use could lead to an accidental data breach under HIPAA. Last week, an article in Vox explained how Walgreens was again apparently...more

Akerman LLP - Health Law Rx

Providers: Cyberattacks Are Still Coming–Are You Prepared?

Cyberattacks against healthcare providers accounted for 79% of all reported data breaches in 2020. (See here). The U.S. Department of Health and Human Services’ (HHS) Office of the Assistant Secretary for Preparedness and...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - January 2021 #3

Robinson & Cole LLP on

CYBERSECURITY - NYDFS - Cybersecurity Certificate of Compliance Due April 15, 2021 The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more

Robinson+Cole Health Law Diagnosis

Fifth Circuit Overturns “Arbitrary and Capricious” $4.3 Million HIPAA Penalty Against Hospital

On January 14, 2021, the U.S. Court of Appeals for the Fifth Circuit overturned a $4.348 million penalty for alleged HIPAA violations assessed by the U.S. Department of Health & Human Services (HHS) against the University of...more

Robinson+Cole Health Law Diagnosis

OCR Announces it Will Not Impose HIPAA Penalties for Use of COVID-19 Vaccine Scheduling Apps

The Office of Civil Rights (OCR) issued a notice this week stating that it will not impose penalties for HIPAA non-compliance in connection with a covered entity health care provider’s or business associate’s good faith use...more

Robinson+Cole Data Privacy + Security Insider

Excellus Health Plan Pays $5.1M to OCR in Settlement Following Data Breach

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that it had entered into a Resolution Agreement, Corrective Action Plan, and settlement with Lifetime Healthcare, Inc., the...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 20, Number 12. Privacy Briefs: December 2020

Report on Patient Privacy 20, no. 12 (December 10, 2020) - Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks as the company races to deploy its COVID-19...more

Health Care Compliance Association (HCCA)

From Her Words to OCR's Ears: 'Dissent' Seeks to Hold Hackers, Leakers Accountable

Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more

Robinson+Cole Data Privacy + Security Insider

ShopRite Settles with NJ AG for Data Breach

New Jersey Attorney General (AG) Gurbir S. Grewal announced on November 2, 2020, that his office has settled with ShopRite’s parent company, Wakefern Food Corp. (Wakefern) and two of its supermarket entities for $235,000 for...more

Arnall Golden Gregory LLP

Two New HIPAA Settlements Announced as OCR Enforcement Streak Continues

In a continuation of its recent enforcement streak, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced two new HIPAA settlements last week. The first settlement is with Aetna Life...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - October 2020 #3

Robinson & Cole LLP on

CYBERSECURITY - Patching Gets More and More Complicated but Is Critical for Managing Risk - Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as...more

Robinson+Cole Data Privacy + Security Insider

Community Health Systems, Inc. Settles for $5 M in Multi-State Settlement

On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a...more

Robinson+Cole Data Privacy + Security Insider

Data Breach Regulatory Settlements Update

Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health....more

Rivkin Radler LLP

Anthem Agrees to $48 Million Multi-State Settlements Over 2014 Data Breach

Rivkin Radler LLP on

Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more

Robinson+Cole Data Privacy + Security Insider

Premera Blue Cross Settles with OCR for $6.85 Million for Breach of 10.4 Million Records

Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more

Robinson+Cole Data Privacy + Security Insider

Athens Orthopedic Settles with OCR for $1.5M for Data Breach

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more

Robinson+Cole Data Privacy + Security Insider

HIPAA Business Associate Pays $2.3 Million Settlement After Hackers Target PHI of Over 6 Million Individuals

Health care providers and contractors continue to be a popular target for hackers. Recently, CHSPSC LLC (CHSPSC), which provides various services to hospitals and clinics indirectly owned by Community Health Systems, Inc. of...more

Bricker Graydon LLP

OCR announces second-largest HIPAA breach settlement

Bricker Graydon LLP on

On September 25, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced that it reached a settlement with Premera Blue Cross (PBC), a health plan operating in Washington and Alaska,...more

Foley Hoag LLP - Security, Privacy and the...

HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 Million Individuals

With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more

Robinson+Cole Data Privacy + Security Insider

Size Doesn’t Matter for OCR Enforcement Actions

Small health care organizations may think they are under the radar of the Office for Civil Rights (OCR), but a settlement the OCR agreed to last week should disabuse small health care providers of that notion....more

Bricker Graydon LLP

HIPAA settlement highlights importance of mobile device encryption

Bricker Graydon LLP on

On July 27, 2020, the U.S. Department of Health and Human Services (HHS) announced that it reached a settlement with a Rhode Island nonprofit health system related to the theft of an unencrypted laptop containing its...more

Robinson+Cole Data Privacy + Security Insider

City of LA Email Blunder Exposes COVID-19 Test Results to All Recipients

Although email seems to be the preferred method of communication during the coronavirus pandemic, an error made by a City of Los Angeles employee is one to learn from and avoid repeat....more

Robinson+Cole Data Privacy + Security Insider

Over 30 Data Breach Incidents in Health Care Reported to HHS Thus Far in 2020, Affecting Over 1 Million Individuals

Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), over 30 reports of data breaches have been filed by health care...more

165 Results
 / 
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide