Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individuals' medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.
News & Analysis as of

$5.5 Million HIPAA Settlement Underscores Importance of Audit Controls

On February 16, 2017, the HHS Office for Civil Rights (OCR) disclosed a $5.5 million settlement with Memorial Healthcare Systems (MHS) for HIPAA violations affecting the protected health information (PHI) of 115,143...more

What's "Hidden" in the 21st Century Cures Act for Health Care Entities

The 21st Century Cures Act (Cures) was signed into law December 13, 2016. While the primary focus of the 996-page Act centered on biomedical innovation, several components of Cures have significant implications for health...more

$5.5 Million HIPAA Settlement Matches Largest Payment To-Date

On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more

Notable New State Privacy and Data Security Laws – Part Two

This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more

Want to Know Why Memorial Healthcare Systems Is Paying HHS OCR $5.5 Million?

On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more

Modernization? SAMHSA Falls Short in Updating 42 C.F.R. Part 2

On January 18, 2017, the Department of Health and Human Services Substance Abuse and Mental Health Services Administration (“SAMHSA”) published a final rule amending 42 C.F.R. Part 2 (“Part 2”), with an effective date that...more

HIPAA for HR - Some Good News for Employers

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that was enacted to ensure protection of individuals’ protected health information (PHI). The Standards for Privacy of Individually...more

Health Care E-Note - February 2017

Ransomware: A Reportable Breach? In the past several years, a huge increase has occurred in the number of electronic attacks in the United States using ransomware, a form of malware that targets and encrypts critical...more

Six Key Changes to the Common Rule

On January 19, 2017, sixteen federal agencies, including the Departments of Health and Human Services and Labor, published the first revision to the federal regulations governing the protection of human subjects participating...more

Technical Noncompliance with HIPAA Can Lead to Big Penalties

As discussed in prior client alerts, the Office of Civil Rights (OCR), the agency charged with HIPAA enforcement, has increased HIPAA compliance initiatives in recent months and is poised to continue its enforcement...more

Cybersecurity 2017: The Year in Preview

Introduction - Cybersecurity was a prominent factor in 2016 in all aspects of government, business and personal affairs. Russian and other foreign national hacking has the potential to spark a new form of cold...more

Fraud and Abuse Investigations Should be Taken Very Seriously

According to the United States Government, fraud and abuse recovery has an excellent return for each investment dollar spent. According to the Health Care Fraud and Abuse Control (HCFAC) Program Report, released by the...more

To Settle or Not to Settle – That Is the Question Raised by Recent HIPAA CMPs

On February 1, 2017, the Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that the Children’s Medical Center of Dallas (“Children’s”) has paid a civil monetary penalty (“CMP”) of $3.2 million...more

TortSource: Ransomware: A Reportable Breach?

In the past several years, a huge increase has occurred in the number of electronic attacks in the United States using ransomware, a form of malware that targets and encrypts critical data and systems for the purpose of...more

HIPAA Enforcement Update (October 2016 – January 2017)

Since October 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced four settlement agreements to resolve allegations of Health Insurance Portability and Accountability Act (HIPAA)...more

HIPAA Small Breach Notification Due March 1: “In Like a Lion, Out Like a Lamb” if You Submit Timely

March 1, 2017 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more

Hospital pays $3.2M Resulting from HIPAA Security Rule Noncompliance

In one of the last health care related acts of President Obama’s administration, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), imposed a multimillion-dollar HIPAA civil money penalty (CMP)...more

New Year, New Rules – The 2017 Illinois Personal Information Protection Act

On January 1, 2017, Illinois ushered in a broader and stronger personal information and data breach regime. The Illinois Personal Information Act (PIPA), 815 ILCS § 530, applies to any entity that “handles, collects,...more

Lack of Timely Action and Knowledge of Risk Results in $3.2 Million Civil Monetary Penalty for HIPAA Violations

Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more

Children’s Medical Center of Dallas Clobbered by OCR

In a rare move by the OCR, it assessed a $3.2 million fine against Children’s Medical Center of Dallas (Children’s) after it issued a Notice of Proposed Determination against Children’s and Children’s failed to request a...more

State Data Breach Notification Statutes: A Year in Review and Preparing for 2017

Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of...more

"Privacy & Cybersecurity Update - January 2017"

In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more

21st Century Cures Act Includes Several Noteworthy Mental Health and Substance Use Provisions

The 21st Century Cures Act (Act), enacted in December 2016, has received widespread coverage for funding biomedical research and streamlining the drug approval process. The Act also includes the Helping Families in Mental...more

HHS Reaches $2.2 Million Settlement With Life Insurance Company For Impermissible Disclosure Of ePHI

On January 18, the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS OCR”) announced that it had agreed to a $2.2 million settlement with MAPFRE Life Assurance Company of Puerto Rico (“MAPFRE Life”),...more

2016 Edition of HIPAA Regulations Released

The Code of Federal Regulations has recently published the 2016 version of the HIPAA regulations. This is the most up-to-date “official” version of the HIPAA regulations....more

1,761 Results