Health Insurance Portability and Accountability Act Data Protection

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

New HIPAA Tool Released by the Federal Government – Makes Assessing Risks Easier and It Won’t Cost You a Dime

Do you lie awake at night wondering if you or the health care entity for which you work is complying with the Health Insurance Portability and Accountability Act (“HIPAA”)? If so, you will be happy to hear that a good night’s...more

Government targets ‘risky business’ with free HIPAA assessment tool

Last week, the Office for Civil Rights of the U.S. Department of Health and Human Services released a toolkit for covered entities and business associates to use to perform a security risk assessment. The HIPAA Security Rule...more

ONC’s Security Risk Assessment Tool Is Useful but Could Be Improved

The Office of the National Coordinator for Health Information Technology (ONC) released a Security Risk Assessment Tool (SRA Tool) on March 28. According to the User Guide for the SRA Tool, the Tool is designed to help small...more

First Glance: Legal Implications of the Heartbleed OpenSSL Bug?

The vulnerability caused by the Heartbleed bug circumvents the purpose of OpenSSL: encryption. Therefore, the conclusion would appear to be that any data breach during the time of OpenSSL vulnerability would be reportable...more

Is Your HIPAA Compliance Program Going Out the Window with XP?

April 8, 2014 marks the end of Microsoft’s support for the Windows XP operating system, which means the end of security updates from Microsoft and the beginning of new vulnerability to hackers and other intruders into systems...more

HHS releases Security Risk Assessment Tool to Help Providers with HIPAA Compliance

In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more

HIPAA Security Risk Assessment Tool Released by HHS

HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more

New Resource Available to Providers for HIPAA Security Rule Compliance

On March 28, 2014, the U.S. Department of Health and Human Services (“HHS”) announced the release of a security risk assessment (“SRA”) tool to assist small- to mid-sized providers in conducting risk assessments of their...more

HIPAA Security Risk Analyses

As noted in Paul Kim and Hannah Whitman Clark's article regarding HIPAA Security Risk Analyses, CEs and BAs are required to review and update their risk assessments only under certain conditions after completing their initial...more

Eye on Privacy Newsletter - March 2014

In this issue: - Kaiser Foundation Health Plan Settles California Attorney General Charges over Delayed Data Breach Notification - Status of the EU Regulation and the Safe Harbor Framework - FTC Steps...more

HHS's New Security Risk Tool for HIPAA Compliance

On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...more

Government Releases New Tool to Assist with HIPAA Security Rule Risk Assessments

The Office of Civil Rights (OCR), in collaboration with the HHS Office of the National Coordinator for Health Information Technology (ONC) and the Office of General Counsel (OGC), released a new security risk assessment (SRA)...more

Windows XP Use May Violate HIPAA Starting April 8, 2014

If you use Windows XP on April 8, you will be easily susceptible to cyber-attacks and violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

First HIPAA Settlement with County Government

On March 6, 2014, the Department of Health and Human Services’ Office for Civil Rights settled potential HIPAA violations with the Skagit County Public Health Department in Washington State for $215,000. Initially, OCR’s...more

Can covered entities run Windows XP and remain HIPAA compliant?

Microsoft recently announced that, after April 8, 2014, it will not longer provide security updates or technical support for Windows XP. Microsoft’s statement that “businesses that are governed by regulatory obligations such...more

Trustee Alert – HIPAA EDI Certification Proposed Rule

The Trust's business associates who perform electronic transactions on its behalf are required to follow certain HIPAA standards and operating rules. A recently published proposed rule introduces a new requirement to submit...more

Counties Beware – Your Governmental Status Does Not Protect You from Liability for a HIPAA Breach

As a county government, you may think that you have the protection of sovereign immunity and protection from other governments penalizing you. Your status does not protect you. The Department of Health and Human Services...more

Do Windows XP Users Risk HIPAA Non-Compliance?

Microsoft recently announced that, after April 8, 2014, it will not longer provide security updates or technical support for Windows XP. Microsoft’s statement that “businesses that are governed by regulatory obligations such...more

Take 5 Newsletter: 5 Employment Law Considerations in "The Cloud"

What is "the cloud," and what on Earth (pun intended) does cloud computing have to do with employment law? While many definitions abound, cloud computing at its core is a form of remote electronic data storage,...more

FTC Settles Case With Medical Transcription Company

The Federal Trade Commission (FTC) recently announced that it had settled its data privacy case against medical transcription firm GMR Transcription Services, Inc. (GMR) following allegations that GMR had failed to adequately...more

Health Law Blog: County Government Settles Alleged HIPAA Violations

A small county in Washington has agreed to pay $215,000 to settle allegations that it violated HIPAA by failing to secure electronic protected health information. Skagit County maintained protected health information (“PHI”)...more

HHS Settlement: Reminder That HIPAA Applies To Local Governments Big And Small

The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it had reached an agreement with Skagit County, Washington to settle potential HIPAA violations involving the County...more

Unprecedented HIPAA Fine May Mean Increased Scrutiny and Penalties

Triple-S Management Corp. (“Triple-S”), a Puerto Rico-based health insurer, has been fined $6.8 million by the Puerto Rico Health Insurance Administration (“PRHIA”) following a Health Insurance Portability and Accountability...more

Privacy and Security Becoming More Increasingly Critical

Privacy and security continue to be critical considerations for all businesses. While such considerations in the healthcare industry have received a lot of attention over the past years with the increasing requirements under...more

211 Results
|
View per page
Page: of 9