Health Insurance Portability and Accountability Act Enforcement

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

A New Era of HIPAA Enforcement

Traditionally, HIPAA enforcement is assigned to the Department of Health and Human Services’ Office for Civil Rights (OCR). In November 2013, Health and Human Services’ Office of Inspector General sharply criticized OCR’s...more

Bernstein Shur’s Labor and Employment Practice Group Highlights Legal Issues to Watch in 2015

HIPAA in the Workplace - In late 2013, the Office of Inspector General issued a report critical of the Office of Civil Rights’ enforcement of the Health Insurance Portability and Accountability Act. OCR enforcement of...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

HIPAA Compliance: Are You Prepared for the 2015 HITECH Act Audits?

In 2015, the United States Department of Health & Human Services (HHS) Office of Civil Rights (OCR) will begin enforcing the requirements of the Health Insurance Portability and Accountability Act (HIPAA) and the Health...more

2014 – The Health Law Year in Review

Each year brings significant changes and challenges in the laws governing the health care industry, and 2014 proved to be no exception. What the year may have lacked in the high drama that accompanies comprehensive health...more

WEBINAR: Breach, Enforcement and Beyond: HIPAA Breach Notification Analysis and OCR Enforcement Activities

The Office for Civil Rights of the US Department of Health and Human Services revised the breach notification regulations last year in order to make the analysis of whether a breach occurred more objective. In addition, OCR...more

New Data Disposal Law in Delaware Requires Action by Impacted Businesses

While the federal government continues its inaction on data security bills pending in Congress, some U.S. states have been busy at work on this issue over the summer. A new Delaware law H.B. 295, signed into law on July 1,...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Are your HIPAA ducks in a row? The next round of OCR HIPAA audits is approaching

In 2011 the Department of Health and Human Services’ Office for Civil Rights (OCR) established the HIPAA Pilot Audit Program to ensure compliance with HIPAA’s privacy, security and breach notification rules. The first...more

Nursing Facility Survey Trends - Directed Plans of Correction, Privacy Violations and FTag 520 Quality Assurance Committee...

Directed Plans of Correction, or DPOCs, have long been part of the arsenal of enforcement sanctions available to the Centers for Medicare & Medicaid Services for survey deficiencies, just like civil money penalties (CMPs);...more

HIPAA Violations Will Soon Be More Expensive

The U.S. Department of Health and Human Services (HHS) intends to use higher fines and a new round of audits to send a strong message to the healthcare industry about complying with the Health Insurance Portability and...more

Promises of Enhanced HIPAA Enforcement by HHS Illustrated by a Recent Record-Breaking Settlement Agreement and Increased Focus on...

An attorney from the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS) recently disclosed that covered entities could face increased scrutiny for HIPAA violations in 2014. Specifically, the...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

No Judicial Review of FTC Jurisdiction until the Agency Takes a Final Action

Companies that handle personal data may need to litigate an FTC enforcement action to its conclusion before a court will review the Commission's jurisdiction to commence the enforcement action in the first place....more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

New Round of HIPAA Audits To Begin Later This Year

The Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced it will resume its HIPAA compliance audit program — launched as a pilot program in 2012 — on a permanent basis in 2014. In...more

HIPAA Housekeeping - Don't Forget Your Annual Report of Small Breaches

If you are a "covered entity" under the Health Insurance Portability and Accountability Act ("HIPAA") and suffer a breach of protected health information, one of your first reactions should be to count the number of affected...more

Foundations in HIPAA - Building Blocks of Health Law

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

HIPAA Covered Entities Subject to FTC Act Enforcement of Data Security Practices

On January 16, 2014, the Federal Trade Commission (FTC) unanimously ruled that it has authority to regulate a healthcare provider’s inadequate data security programs in order to protect consumers from business’ failure to...more

HIPAA Security Rule Enforcement Not Yet Meeting Federal Requirements

A recent Office of the Inspector General (OIG) Report reviews progress made by the Office for Civil Rights (OCR) toward enforcement of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule following...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

HIPAA Alert: Caution!! Deadline Is September 23, 2013 - Action Must Be Taken To Comply With New Requirements Imposed By The HIPAA...

September 23, 2013 is the effective compliance date for many changes to the HIPAA Privacy, Security, Enforcement Rules and Breach Notification Rules as required by the "HIPAA Omnibus Rule" as published in January 2013. All...more

52 Results
|
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×