Health Insurance Portability and Accountability Act Data Breach

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

Illinois Enacts Sweeping Changes to the Illinois Personal Information Protection Act

On May 6, 2016, Illinois joined a growing number of states that have strengthened their data breach notification requirements and expanded the definition of protected personal information. Effective January 1, 2017, HB1260...more

Tennessee’s Data-Breach Notice Requirements Among the Nation’s Toughest

On July 1, 2016, Tennessee’s new notice requirements for breaches of data security systems which compromise an individual’s personal information will take effect. The amendments to Tennessee’s current rules, found at T.C.A....more

Newest Ponemon study released on health care data breaches

The Ponemon Institute has recently released its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. The study has included business associates for the past two years. The study included information received...more

Recent Settlements and Upcoming Audits Highlight the Continuing Need to Focus on Core HIPAA Compliance Measures

Recent settlements and initiatives conducted by the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services highlight the continuing need for focus on compliance with the privacy and security...more

Tennessee Enacts Changes to Data Breach Statute

Businesses in the State of Tennessee should take note of several significant changes to Tennessee's data breach statute that take effect for data breaches occurring on or after July 1, 2016. Currently, Tennessee Code...more

Intermedix data breach class action case dismissed

We previously reported that Intermedix was sued in a class action lawsuit regarding the data breach involving millions of patient records....more

What's New with HIPAA?

A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more

Settlements reached for PHI Disclosures

In the last two months, the U.S. Department of Health and Human Services (“HHS”) announced two settlement agreements involving the disclosure of protected health information ("PHI"). In both instances, the health care...more

Negotiating Software Agreements – Key Terms For Electronic Health Records

Healthcare providers (Providers) rely on third party vendors for providing Electronic Health Record (EHR) software services. Due to the amount of protected health information Providers store in these software services, and...more

Raleigh Orthopedic Clinic settles with OCR for $750,000 for lack of business associate agreement

Consistent with the settlement the OCR agreed to with North Memorial Health Care of Minnesota, the Office for Civil Rights has settled its investigation of Raleigh Orthopaedic Clinic, P.A. (Raleigh Orthopaedic) for $750,000....more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Top Takeaways from IAPP

The world of privacy grows every day as more data goes through the cloud. The new trends and weekly data breaches make conferences like the Global Privacy Summit all the more relevant. Earlier this month we went to...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

Ransomware Cuts Deep, in Life & in Coverage

1. Beyond Breaches - With ransomware, cybersecurity in healthcare has gone far beyond HIPAA compliance, breaches of PHI or identity theft. For the unprepared healthcare provider not able to prevent ransomware or...more

Ex-Husband's Revenge Leads to HHS Trophy

Patient care is not confined to a single office or exam room, or a single physician or other provider. Caring for patients these days now includes complex coordination among physicians, nurse, technicians, staff, management,...more

Appeals Court Confirms that HITECH Violations Do Not Violate FCA

In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator's claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives...more

U.S. Market Entry for the German Healthcare IT Company

The healthcare market in the United States is massive, with total spending in excess of $3 trillion. Federal government incentives for the adoption of electronic health records has resulted in an increasingly interoperable...more

Sixth Circuit Affirms Dismissal of FCA Claim Based on Health Data Breaches

The U.S. Court of Appeals for the Sixth Circuit recently affirmed the dismissal of a False Claims Act (FCA) case premised on protected health data breaches. In United States ex rel. Sheldon v. Kettering Health Network, the...more

State AGs Upping the Ante on Health (and Other) Information Data Incidents – Expect Increased Enforcement Actions

State attorneys general (AGs) continue to emerge as major regulators of privacy, and increasingly, with respect to compromises of health-related data. Businesses concerned with U.S. customer or employee data have long...more

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

Preparing For and Responding To Data Breaches (Presentation)

While companies may be aware of the threats posed to their businesses by a data breach, they should also have a concrete plan in place so that they can respond effectively should one occur. In a recent webinar, attorneys from...more

One Week, $5.45 Million in Resolution Agreements for HIPAA Violations

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) continued its run of resolution agreements for HIPAA violations, pulling in $5.45 million from just two entities, North Memorial Health Care of...more

21st Century Oncology faces second class action suit for data breach of 2.2M records

We previously reported that 21st Century Oncology (21st Century) experienced a data breach of up to 2.2 million patient records that compromised the names, Social Security numbers and health and diagnostic information. It...more

Class action suit filed against 21st Century Oncology for data breach

We previously reported that 21st Century Oncology had suffered a data breach and notified 2.2 million patients that it had been the victim of a hacking that exposed the names, Social Security numbers, physicians’ names,...more

New Guidance Maps HIPAA Security Rule to NIST Cybersecurity Framework to Help Providers Manage Cybersecurity Risk

In a world of looming data breaches and significant penalties for the release of protected health information, the complexities of cybersecurity and compliance with the HIPAA Security Rule can be incredibly daunting. In 2014,...more

334 Results
|
View per page
Page: of 14
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×