News & Analysis as of

HIPAA Omnibus Rule Health Insurance Portability and Accountability Act (HIPAA)

The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013.   The Rule aims to strengthen existing privacy protections within the Health Insurance... more +
The HIPAA Omnibus Rule is a final rule issued by the U.S. Department of Health and Human Services on January 17, 2013.   The Rule aims to strengthen existing privacy protections within the Health Insurance Portability and Accountability Act of 1996 (HIPAA), improve the government's ability to enforce those protections, and give individuals greater access to their health information. One of the most significant changes associated with the Rule is the application of HIPAA's requirements to business associates of health care providers and health care claim processors. HHS broadened HIPAA's application to these groups after several large breaches were tied to business associates.  less -
Holland & Hart - Health Law Blog

HIPAA, Business Associates, and the Conduit Exception

Holland & Hart - Health Law Blog on

The HIPAA privacy and security rules impose significant requirements on covered entities and their business associates; violations may result in penalties ranging from $119 to $59,522 per violation. (45 CFR § 160.404; 45 CFR...more

Epstein Becker & Green

HHS Addresses Federal Court Invalidation of Certain Provisions of the HIPAA rule Relating to the Third-Party Requests for Patient...

Epstein Becker & Green on

On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more

Holland & Hart - Health Law Blog

Modified HIPAA Rules for Sending Records to Third Parties

Holland & Hart - Health Law Blog on

Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more

Baker Donelson

District Court Ruling Impacts HIPAA Access Request Permissible Charges

Baker Donelson on

On January 23, 2020, the United States District Court for the District of Columbia declared sections of the 2013 Omnibus Rule unlawful. The Court found that the Department of Health and Human Services (HHS) impermissibly...more

BakerHostetler

Federal Court Invalidates 2013 HIPAA Omnibus Rule Regulations and HHS Guidance on Fees for Copies of Medical Records

BakerHostetler on

In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus...more

Robinson+Cole Health Law Diagnosis

OCR Comments on Recent Ciox Case Vacating Certain Omnibus Rule Regulations and Guidance Relating to Fees for Providing Patient...

Robinson+Cole Health Law Diagnosis on

The HHS Office for Civil Rights (OCR) issued an Important Notice Regarding Individuals’ Right of Access to Health Records through its email list serve on January 29, 2020.  In the Notice, OCR addressed the recent memorandum...more

Miller Canfield

Understanding When Business Associates Are Directly Liable Under HIPAA

Miller Canfield on

New guidance issued by the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) reaffirms that business associates must have proper HIPAA compliance practices, safeguards and documentation in place...more

Womble Bond Dickinson

Sick of Waiting: Health Care Companies Urge FCC to Rule on Their July 2016 Petition Seeking Clarification on the TCPA Related to...

Womble Bond Dickinson on

Last Friday, a group of Health Care Companies issued a letter to the FCC requesting it to respond to their petition filed back in July 2016, which asked the FCC to clarify that the use of a health plan member’s telephone...more

Holland & Hart LLP

Minimizing Liability For Business Associate Misconduct

Holland & Hart LLP on

Healthcare providers, health plans and healthcare clearinghouses (“covered entities”) and business associates are subject to significant penalties for violations of the HIPAA Privacy, Security and Breach Notification Rules....more

Arnall Golden Gregory LLP

HIPAA Breach? Notify Promptly or Face Significant Potential Fines from HHS OCR

Arnall Golden Gregory LLP on

On January 9, 2017, the Department of Health and Human Services Office of Civil Rights (HHS OCR), which enforces the privacy requirements contained in Health Insurance Portability and Accountability Act (HIPAA), announced a...more

Foley & Lardner LLP

Transitional Compliance Period for Business Associate Agreements Expiring September 23, 2014

Foley & Lardner LLP on

If they have not already done so, covered entities and business associates have until September 23, 2014, to update their business associate agreements to comply with the January 2013 changes to the Health Insurance...more

Davis Wright Tremaine LLP

Looming HIPAA Deadline: Update Business Associate Agreements by Monday, September 22, 2014

Davis Wright Tremaine LLP on

Business associate agreements that have not already been updated as required by the HIPAA Omnibus Rule should be updated by September 22, 2014. The Omnibus Rule changed and added mandatory language for valid business...more

Dickinson Wright

Healthcare Legal News: Volume 4, Number 3 - Special Issue: HIPAA Update

Dickinson Wright on

Recent Trends in HIPAA Liability - Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including...more

Cooley LLP

HIPAA Omnibus Rule Deadline for BAAs Approaches

Cooley LLP on

The Final HIPAA Omnibus Rule (the “Omnibus Rule”), published in the Federal Register on January 25, 2013, made various important changes to how entities must comply with privacy and security requirements. While most...more

FordHarrison

Business Associate Agreements May Require Amendment

FordHarrison on

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

Foley Hoag LLP - Security, Privacy and the...

Don’t Put Off That New HIPAA Business Associate Agreement: September 23, 2014 Deadline Looms

Foley Hoag LLP - Security, Privacy and the... on

It’s been a while, but we have another HIPAA deadline just around the corner: September 23, 2014. September 23, 2014 is the date by which all HIPAA business associate agreements need to be in compliance with the...more

Baker Donelson

Foundations in HIPAA - Building Blocks of Health Law

Baker Donelson on

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

Tucker Arensberg, P.C.

H.H.S. Proposed Rule Affects HIPAA Privacy Rule And Background Check Reporting

Tucker Arensberg, P.C. on

The Department of Health and Human Services (HHS) has released a proposed rule that would modify the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule by allowing health care providers to make certain...more

Smith Anderson

How To Catch-Up in a Revised HIPAA World

Smith Anderson on

The HIPAA final omnibus rule (Omnibus Rule) made sweeping changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules earlier this year. Although the compliance deadline of September 23, 2013 has come...more

BakerHostetler

Healthcare Privacy – 2013 Year in Review

BakerHostetler on

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA...more

Dickinson Wright

HHS Delays NPP Amendment Requirement for Laboratories Regulated Under CLIA

Dickinson Wright on

Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus...more

Davis Wright Tremaine LLP

HHS Issues Model Privacy Notices: The Good, the Bad, and the Ugly

Davis Wright Tremaine LLP on

Just in time for the September 23, 2013, deadline for compliance with the HIPAA Omnibus Rule, the U.S. Department of Health and Human Services (“HHS”) issued a set of model notices of privacy practices for health care...more

BakerHostetler

OCR Releases Model Notices of Privacy Practices

BakerHostetler on

Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more

Winstead PC

Cloud Computing: Healthcare Issues in a Digital Age – (Part Two)

Winstead PC on

Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more

Baker Donelson

HHS Issues Guidance on Permitted Remuneration for Prescription Refill Reminders in the Absence of Patient Authorization

Baker Donelson on

On September 19, the Health and Human Services Department (HHS) issued guidance on the effect of the January 25, 2013 Final Rule provision about remuneration related to prescription refill reminders and medication adherence...more

148 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide