Health Insurance Portability and Accountability Act Compliance

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

When the Government Comes Knocking

This article will provide an outline of some of the most significant points for hospitals to use when confronted with a formal government investigation under the Criminal or Civil False Claims Act. As noted below, you should...more

Under the Thumb: Regulatory Compliance When Outsourcing Cybersecurity Management

Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More...more

Corridors September 2015 - News for North Carolina Hospitals

This article will provide an outline of some of the most significant points for hospitals to use when confronted with a formal government investigation under the Criminal or Civil False Claims Act. As noted below, you should...more

Seventh Circuit rules hospital system is not a Consumer Reporting Agency under FCRA

Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more

California, Nevada Expand Scope of Customer Personal Information Subject to Reasonable Security Measures

Recent statutory amendments passed in California and Nevada expanding the definition of “personal information” will significantly impact the security measures businesses operating in these states must implement when handling...more

HHS issues fact sheet on HIPAA rules and resources

The Department of Health and Human Services (HHS) has released a fact sheet on the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (HIPAA). Designed to apply to...more

Impending Deadline: CMS Issues Proposed Rule Reform for Long Term Care Facilities – Part 3 of 4

On July 16, 2015, the Federal Register published Centers for Medicare and Medicaid Services’ (CMS) proposed rule to reform the requirements for Long Term Care Facilities participating in Medicare and Medicaid. CMS will be...more

HIPAA Security Requirements Aren't Cloudy, Especially to Whistleblowers

Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced that it had entered into a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton,...more

Cloud Sharing Apps Scrutinized for ePHI

In a relatively short time period, the direct costs of document storage have dropped precipitously, and cloud-based document storage has become ubiquitous. Clearly, this is a wave of the future. But a recent settlement...more

Don't Fumble Your HIPAA Obligations: Ensure Your HIPAA Playbook Implements Appropriate Protections for Patients

The injuries suffered by a professional football player brought the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA") onto center stage of the media during the days...more

Blog: St. Elizabeth’s Medical Center Reaches Agreement to Settle Alleged HIPAA Breach

Last week, St. Elizabeth’s Medical Center (SEMC), a hospital located in Brighton, Massachusetts, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying...more

Legal Issues Business Leaders Need to Know in 2015: Top 10 Checklist

A compilation of time-sensitive and trending legal and regulatory issues that general counsels and business leaders should be aware of in 2015. Employers Should be Aware of Multigenerational Workforce Risk - For...more

HIPAA Settlement Regarding Use of Internet Applications

On July 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton, Massachusetts, regarding potential...more

Recent HHS Settlement Highlights Risks of Electronically-Sharing Protected Health Information

On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more

Use of File-Sharing Service Leads To $218,400 Fine For HIPAA Violations

Internet-based file-sharing services such as Dropbox and Google Drive can be easy and convenient to use, whether via the touch of an app on a mobile device or by opening a browser on a PC. Healthcare professionals are often...more

Massachusetts Hospital Agrees to Six-Figure Payment Related to HIPAA Compliance Allegations

St. Elizabeth’s Medical Center (SEMC), a tertiary care hospital based in Brighton, Mass., agreed to pay $218,400 to address deficiencies in its HIPAA compliance activities. The SEMC settlement continues a pattern of...more

OCR Enforcement Trends

On April 27, 2015, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Cornell Prescription Pharmacy (CPP) pursuant to which CPP paid a $125,000...more

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

A Year in Review: Key HIPAA Settlement Agreements by HHS’s Office for Civil Rights

The U.S. Department of Health and Human Services Office for Civil Rights had another busy year in 2014. More resolution agreements were signed by HHS and Covered Entities than in the previous year, and several Covered...more

Multiple Departments Issue Guidance on Wellness Programs

The Equal Employment Opportunity Commission (EEOC) made headlines during the second half of 2014 by attacking employers' wellness programs that require employees to undergo certain medical testing or be penalized. In three...more

EEOC Issues Long-Awaited Proposed Rule on Employer Wellness Programs

On April 18, 2015, the Equal Employment Opportunity Commission (EEOC) issued a proposed rule on the treatment of employer wellness programs under the Americans with Disabilities Act (ADA). The proposed rule amends the ADA...more

Data Breach Nightmare Scenario: News Affiliate Reports Improper Disposal of Patient Information

A tip from a local Denver news outlet lead to a compliance review, investigation and ultimately a resolution agreement between the Department of Health and Human Services’ Office for Civil Rights (“OCR”) and Denver-based...more

Employee Benefits Developments - April 2015

Health Insurance Company’s HIPAA Breach Affects Millions. At the end of January, a national BlueCross BlueShield affiliate, Anthem, Inc., discovered that its information technology systems were hacked. The information...more

2015 Trends: #10 Cybersecurity: A Risk that Needs to be on Your Ethics and Compliance To-Do List

The starting point for every ethics and compliance program must always be an analysis of the ethics and compliance risks faced by the organization. In that light, it’s important to listen to James Comey, Director, U.S....more

HIPAA Considerations In The Event Of Employee Death or Incapacitation

The Health Insurance Portability and Accountability Act of 1996, otherwise known as HIPAA, acts in part to provide federal protection for identifiable health information retained by covered entities, which includes most...more

143 Results
|
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×