Health Insurance Portability and Accountability Act Data Protection

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

“LoProCo”, 12,915 Complaints, and Other Lessons from OCR/NIST

12,915 complaints were reported in 2013 to the Department of Health and Human Services Office of Civil Rights (“OCR”) according to Illiana L. Peters, Senior Adviser for HIPAA Compliance and Enforcement. Cozen O’Connor...more

WEBINAR: Breach, Enforcement and Beyond: HIPAA Breach Notification Analysis and OCR Enforcement Activities

The Office for Civil Rights of the US Department of Health and Human Services revised the breach notification regulations last year in order to make the analysis of whether a breach occurred more objective. In addition, OCR...more

Healthcare Legal News: Volume 4, Number 3 - Special Issue: HIPAA Update

Recent Trends in HIPAA Liability - Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

September 22, 2014: Quickly approaching deadline to amend business associate agreements

The HIPAA Omnibus Rule, enacted last year, made a number of changes to the HIPAA privacy, security and breach notification rules. Some of these changes affected business associate provisions of the HIPAA privacy and security...more

New Data Disposal Law in Delaware Requires Action by Impacted Businesses

While the federal government continues its inaction on data security bills pending in Congress, some U.S. states have been busy at work on this issue over the summer. A new Delaware law H.B. 295, signed into law on July 1,...more

HIPAA For Lawyers And Law Firms: What you need to know to prevent your law firm from paying MILLION$

For years now lawyers and law firms providing professional services to health care providers or health insurance plans should have had in place essential safeguards to meet the responsibilities and requirements as business...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

Massachusetts Enforces Data Security Regulations Against Out-of-State Entity

On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with an out-of-state Rhode Island hospital, Women & Infants Hospital of Rhode Island (“WIH” or the “Hospital”), resolving a lawsuit against WIH...more

Rhode Island Hospital’s Breach of Health Information Leads to Settlement with Massachusetts Attorney General

On July 23, 2014, the Massachusetts attorney general announced a settlement with Women & Infants Hospital of Rhode Island (WIH) over the loss of unencrypted backup tapes. WIH agreed to pay $150,000 and undertake numerous...more

Health System Investigated for Leaving PHI in Doctor’s Driveway – Settles with OCR for $800K

While OCR enforcement activity has focused on a covered entity’s safeguarding of ePHI, organizations cannot forget about PHI in non-electronic form. To settle potential violations of the HIPAA Privacy Rule, Parkview Health...more

Five Lessons from OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

Last week, the HHS Office of Civil Rights (OCR) released two reports required by the Health Information Technology for Economic and Clinical Health (HITECH) Act: (i) the Annual Report to Congress on Breaches of Unsecured...more

The New "Meaningful Use" Landscape: A Transition from Incentives to Penalties - CMS Begins Enforcing Penalties for Failure to...

Starting in 2015, eligible physicians and hospitals participating in the Medicare Electronic Health Records Incentive Program who do not adopt "meaningful" use" certified electronic health record (EHR) technology will no...more

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

Privacy Tuesday – June 3, 2014

The first Tuesday in June is also the first Tuesday of meterological summer -and a welcome sight after a brutally-long winter for many of our readers. So, here’s to a happy Summer! Google Receives 12,000 Take-Down...more

No Judicial Review of FTC Jurisdiction until the Agency Takes a Final Action

Companies that handle personal data may need to litigate an FTC enforcement action to its conclusion before a court will review the Commission's jurisdiction to commence the enforcement action in the first place....more

Dealing with a Data Broker? Here's What you Need to Know

The FTC recently released its report, “Data Brokers: A Call for Transparency and Accountability.” The report is the result of a study of nine data brokers and provides legislative recommendations...more

Human Error Biggest Threat to Patient Data Security and Privacy

Human error remains the biggest threat to healthcare data privacy, according to the latest study on patient privacy and data security by the Ponemon Institute. Healthcare organizations also continue to struggle with...more

CMS and ONC Propose Rule to Help Providers Make Use of EHR and to Extend Timeline for Meaningful Use

The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) announced a proposed rule, on May 20, 2014, that would allow providers more flexibility...more

Proposed modifications to EHR Incentive Programs

Last year, HHS revised policies and definitions surrounding what constitutes certified EHR technology—required for meaningful use incentive program payment eligibility—from the 2011 Edition criteria to the 2014 Edition...more

CMS and ONC Issue Proposed Rule Modifying 2014 Requirements for EHR Incentive Programs and Certified EHR Technology

On May 23, 2014, the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) issued a proposed rule to modify (i) the meaningful use stage timeline of...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

247 Results
|
View per page
Page: of 10