Health Insurance Portability and Accountability Act Covered Entities

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

Also In the News - Data, Privacy, & Security Practice Report - May 2015

ONC Releases Updated Guide To Privacy And Security of Electronic Health Information ? The Office of the National Coordinator for Health Information Technology (“ONC”) recently released Version 2.0 of the Guide to Privacy and...more

OCR Launches Phase 2 HIPAA Audit Program with Pre-Audit Screening Surveys

Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered entities have reported that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently sent pre-audit screening surveys...more

New Study Finds That Criminal Attacks Are The Number One Cause Of Health Sector Data Breaches

On May 7, 2015, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data (the “Study”), which surveyed 90 HIPAA covered entities and 88 business associates regarding their...more

OCR Transmits Pre-Audit Screening Surveys to Covered Entities for Phase 2 HIPAA Compliance Audits

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) recently transmitted HIPAA pre-audit screening surveys to covered entities that may be selected for a second phase of HIPAA compliance audits...more

OCR Enforcement of HIPAA Affects Entities of all Sizes Small Pharmacy Enters into Latest Settlement

U.S. Department of Health and Human Services (HHS) announced late last week that Cornell Prescription Pharmacy (Cornell) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996...more

OCR Announces Another HIPAA Settlement and Warns Not to Forget About Paper Records

On April 27, 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy (“Cornell Pharmacy”) had entered into a resolution agreement to settle,...more

2015 Phase Two HIPAA Audits – Delayed Again

Recently, the Director of the Department of Health and Human Services Office for Civil Rights (“OCR”) confirmed that OCR is still working to finalize the procedures for “Phase Two” HIPAA audits. OCR had initially planned to...more

HIPAA Rules and Procedures in the Event of a Data Breach, Part Two

My last post focused on the discovery and investigation of a data security breach to determine if breach notification is needed. Today’s post now turns to the requirements of breach notification triggered by a data security...more

HHS Settlement: Dumpster-Diving Leads to Settlement for Improper Disposal of Documents Containing Protected Health Information

The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it has reached an agreement with a small pharmacy to resolve potential HIPAA violations. The settlement arose from the...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Cloud Storage Provider?

This week, the HIPAA FAQ series continues with another topic about business associate agreements (BAAs). As most Covered Entities and Business Associates know, in the event that a Covered Entity utilizes a service provider...more

EEOC Issues Proposed Wellness Program Amendments to ADA Regulations

On April 16, 2015, the Equal Employment Opportunity Commission (“EEOC”) released its highly anticipated proposed regulations (to be published in the Federal Register on April 20, 2015, for notice and comment) setting forth...more

Health Plan Lawsuits and Data Breach Claims: Recent Developments and Implications

Five class action lawsuits have been filed against Premera Blue Cross in federal court in Seattle, Washington following the recent report of a data breach that affected approximately 11 million individuals. The lawsuits make...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Mail Carrier?

This week, the HIPAA FAQ series continues with a topic about business associate agreements (BAAs). Most Covered Entities and Business Associates are familiar with general BAA obligations. ...more

Pharmacies: Watch Out for Future HHS Crackdowns on Security Rule Violations

As we all know by now, HIPAA required the Secretary of the U.S. Department of Health and Human Services (HHS) to adopt regulations protecting the privacy of "protected health information" (PHI). HHS responded to that...more

Blog: HIPAA FAQ Series: Does HIPAA Permit Communications via E-mail with PHI Subjects?

Last week, we introduced a new series to this blog that will cover frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). This week, the series continues by delving into a hot...more

Locke Lord QuickStudy: Montana and Wyoming Update Data Breach Laws

Montana and Wyoming have recently revised their data breach notification laws including their definitions of what constitutes Personally Identifiable Information (PII) subject to breach notification. ...more

OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014

With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

Blog: HIPAA FAQ Series: Are Covered Entities Liable for Business Associates’ HIPAA Violations?

This post marks the beginning of a new series on this blog covering various frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). ...more

Office of Civil Rights Delays Phase 2 Audits

The Office of Civil RIghts (“OCR”) recently announced that Phase 2 of the HIPAA audits would be further delayed because the audit portals and project management tools that are needed to initiate the audit process are not...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Blog: Deadline Approaching for Reporting 2014 HIPAA Breaches

All covered entities that discovered security breaches under the Health Insurance Portability and Accountability Act (“HIPAA”) in 2014 should be aware of an upcoming reporting deadline. ...more

Employers with Group Health Plans: Have You Notified State Regulators of the Breach?

Data security breaches affecting large segments of the U.S. population continue to dominate the news. Over the past few years, there has been considerable confusion among employers with group health plans regarding the...more

Preparing for a Data Breach – What to Know about Breach Notification

Data breaches are at the forefront of the news, and many companies, including those dominant in the health care industry, have found themselves front and center in the headlines. Although recent news stories have focused...more

151 Results
|
View per page
Page: of 7

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×