News & Analysis as of

Health Insurance Portability and Accountability Act Covered Entities

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -

HHS Publishes Health Care Cyber Attack Checklist

by Tucker Arensberg, P.C. on

HHS has published a very brief guide, in the form of a checklist, to explain the steps for a HIPAA covered entity or business associate to take in response to a cyber related security incident. You can access the checklist at...more

Healthcare Providers Beware: HIPAA Isn’t Your Only Concern Following a Data Breach–State Law Matters

by McGuireWoods LLP on

Healthcare service provider CoPilot Support Services (“CoPilot”) recently agreed to pay a $130,000 settlement after it waited over a year to notify patients of a data breach, in violation of New York’s breach notification...more

Healthcare Data Breach Enforcements and Fines

by Bryan Cave on

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

HIPAA Settlements in April and May Highlight Key Compliance Concerns for OCR

by Williams Mullen on

After a break in March with no new settlement agreements, OCR returned in April and May with quite a few. The Health Care Data Aware Blog already posted about a $400,000 OCR settlement released April 12, 2017, which can be...more

My Entity Just Experienced a Cyber-Attack! What Do We Do Now?

by Balch & Bingham LLP on

On June 9, 2017, the U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) released a cyber-attack “Quick Response” checklist (the Checklist) for the benefit of HIPAA covered entities and business...more

OCR Publishes Checklist and Infographic for Cyber Attack Response

OCR released a simple checklist and infographic last week to assist Covered Entities and Business Associates with responding to potential cyber attacks. As cybersecurity remains a pressing concern for health care entities,...more

Causes of Healthcare Data Breaches (Update)

by Bryan Cave on

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches...more

Complying With HIPAA Following a Ransomware Attack

by Morris James LLP on

In 2016, the U.S. Department of Health and Human Services (“HHS”) issued guidance to help covered entities and business associates understand, among other things, how to respond appropriately to ransomware attacks under the...more

Impermissible Disclosure of HIV Information Results in $387,000 HIPAA Settlement

by Saul Ewing LLP on

St. Luke’s-Roosevelt Hospital Center, Inc. (SLRHC), a member of the New York-based Mount Sinai Health System, paid $387,000 to the U.S. Department of Health and Human Services (HHS) and entered into a corrective action plan...more

HIPAA spring check-up: Your obligations to safeguard third-party patient health information in medical records produced in...

You’ve had your apple a day, but you can’t keep the subpoenas away… And, if your organization is facing a request seeking records or other materials that may contain patient health information (“PHI”), it bears...more

Employers: Are You Ready for a Cyberwar? Attackers Using Ransomware are Saying Show Me Your Bitcoin!

by Dechert LLP on

Recently, the WannaCry ransomware attack impacted 150 countries and over 300,000 computers. Not all ransomware attacks are so massive but they all are fast moving and require swift action to prevent destruction and lose of...more

Potential HIPAA Pitfalls for Developers of Healthcare Apps

by Perkins Coie on

As federal and state governments struggle to address future healthcare regulation, demand for healthcare that is cheaper, better and faster continues to surge. Every day, new healthcare apps are being developed to respond...more

Tips for Ensuring Your Organization Is HIPAA Compliant Amid Increased Enforcement Activity

Thus far in 2017, the U.S. Department of Health and Human Service’s Office for Civil Rights has continued the step-up in HIPAA enforcement activity we saw in 2016 and appears on track to exceed 2016’s enforcement...more

6 Takeaways from Memorial Hermann HIPAA Settlement: Press Releases Lead to $2.4 Million Payout

by Fox Rothschild LLP on

On April 26, 2017, Memorial Hermann Health System (“MHHS”) agreed to pay the U.S. Department of Health and Human Services (“HHS”) $2.4 million to settle potential violations of the Health Insurance Portability and...more

Failure to Ensure Vendor Safeguarded Protected Health Information Costs Small Health Care Provider $31,000

by Reed Smith on

Having proper internal systems and procedures in place to manage data security is essential for organizations storing personal information in any industry. But health care organizations that rely on external vendors to...more

2017 HIPAA Enforcement – Appears Not To Be Slowing Down

by Snell & Wilmer on

To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts. However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of...more

Securing ePHI in a Mobile Health World

Could a lost cell phone or laptop cost your organization millions of dollars? Mobile devices have enabled vast improvements in the efficiency and quality of healthcare delivery. ...more

Button up Your Business Associates Agreements or Pay the Price

by Bryan Cave on

Last month, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced a resolution agreement with the Center for Children’s Digestive Health (CCDH) which included a $31,000...more

Settlement Highlights Need for HIPAA-Covered Entities to Have Business Associate Agreements in Place with PHI Vendors

by Dickinson Wright on

The Department of Health and Human Services’ Office for Civil Rights (ORC) announced an agreement to settle possible Health Insurance Portability and Accountability Act (HIPAA) violations with The Center for Children’s...more

Your Business Associates Hold Your HIPAA Compliance Future In Their Hands: Eleven Things You Can Do

by Fox Rothschild LLP on

Our partner Elizabeth Litten and I were recently featured again by our good friend Marla Durben Hirsch in her article in the April 2017 issue of Medical Practice Compliance Alert entitled “Business associates who farm out...more

Another HIPAA Settlement: Stolen Laptop Costs $2.5 Million Plus Encryption Requirement

by Perkins Coie on

The U.S. Department of Health and Human Services (HHS) recently announced yet another HIPAA privacy and security settlement involving Protected Health Information (PHI) on a stolen laptop. Although this might be seen as just...more

$2.5 Million Settlement Reached as HIPAA Crackdown Continues on Unsecured Portable Devices

by Jones Day on

A recent settlement of $2.5 million for alleged violations of the Health Insurance Portability and Accountability Act ("HIPAA") continues a trend of government enforcement targeting health care providers and vendors that fail...more

A Draft Won’t Do: OCR Settles with CardioNet $2.5m for Failing to Finalize Policies and Procedures

On April 24, 2017, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced that CardioNet, a provider of remote mobile monitoring and rapid response services to patients at risk for cardiac...more

Two HIPAA Mistakes Lead to Fines from OCR

It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C....more

First HIPAA Settlement Involving Wireless Health Services Provider

by Poyner Spruill LLP on

We have previously written that the Internet of Things continues to spawn new cybersecurity and privacy concerns. These vulnerabilities have already served as plot devices for shows such as Homeland. Now, the U.S. Department...more

420 Results
|
View per page
Page: of 17
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.