Healthcare Document Retention
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 192: Business Issues for Healthcare with Ira Bedenbaugh and Randi Branham of Elliott Davis
Business Better Podcast Episode: Cyber Adviser – Your Data, My Headache: Consumer Health Data Laws
Conducting Healthcare Compliance Investigations
The FTC's Health Privacy Enforcement Actions
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Meeting Cancer Reporting Requirements
Medical Device Legal News with Sam Bernstein: Episode 10
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Patient Data and Privacy
Changing Telehealth Rules
De-Identification Under HIPAA and GDPR
Data Security Standards Audits
Compliance Programs and Doubt Mining
Employment Law Now VI-121 - Top 5 Fall Things You Need To Know
An Inside Look as a Juror - FCRA Focus Podcast
Expanded Information Block Rules Go into Effect
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
In light of the ongoing investigation of Change Healthcare’s ransomware attack that resulted in the improper disclosure of thousands of individuals’ PHI, now seems like a perfect time to discuss HIPAA’s requirements...more
Recently, lawsuits have been filed against Duke and WakeMed regarding their use of Meta’s Meta Pixel tracking product and the alleged improper disclosure of patients’ protected health information (“PHI”). The U.S. Department...more
On July 1, 2021, the California Department of Public Health (“CDPH”) issued new regulations (the “Regulations”) effective immediately that more narrowly limit the circumstances under which instances of unauthorized access to...more
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
On May 24, 2019, Oregon Governor Kate Brown signed into law Senate Bill 684, which requires vendors, service providers and other entities that maintain or possess consumers’ personal information to notify consumers of a...more
As attorneys, our livelihood is often heavily dependent upon the keeping of secrets. But in this complex electronic-data driven environment we work in, where physical security via locked doors and piercing alarms may no...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team...more
On March 21, 2018, South Dakota Governor Daugaard signed S.B. 62, enacting the state’s first data breach notification law, which will go into effect July 1, 2018. Previously, Alabama and South Dakota were the only U.S. states...more
A North Carolina bill designed to strengthen the state’s data breach notification statute could radically change incident response. Through the Act to Strengthen Identity Theft Protections, North Carolina could quickly become...more
Last week, the HHS Office for Civil Rights (OCR) launched an improved version of their HIPAA Breach Reporting Tool (HBRT), commonly referred to by OCR and regulated entities alike as the HIPAA “Wall of Shame.” OCR has also...more
Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of...more
Many New Year’s Resolutions focus on actions intended to save money and reduce stress. Organizations, especially those in the health care industry, should consider a resolution to review their breach notification procedures...more
Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more
If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more
Our articles this month focus on health care reform. First, Jim Napoli and Brian Neulander comment on the potential for litigation under the Affordable Care Act's (ACA's) whistleblower protections and ERISA Section 510 as a...more
On March 22, 2013, Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) Director Leon Rodriguez presented the keynote address to attendees of the American Health Lawyers’ Association HIPAA/HITECH Conference in...more
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) published the highly anticipated Omnibus Rule, which makes extensive changes (as promulgated by the Health Information Technology for Economic and...more
The final rule implementing new obligations under HITECH and changing obligations under HIPAA is finally out. Covered entities and business associates need to come into compliance with these requirements by September 23,...more
HHS has released its much-anticipated final omnibus rule about protected health information. The rule addresses privacy and security issues, including defining a business associate and expanding individuals' rights to...more
On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more
The Department of Health and Human Services recently released final regulations modifying the HIPAA Privacy, Security Breach Notification and Enforcement Rules (the “Omnibus Rule”). These regulations have far-reaching effects...more