Health Insurance Portability and Accountability Act Enforcement

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Are your HIPAA ducks in a row? The next round of OCR HIPAA audits is approaching

In 2011 the Department of Health and Human Services’ Office for Civil Rights (OCR) established the HIPAA Pilot Audit Program to ensure compliance with HIPAA’s privacy, security and breach notification rules. The first...more

Nursing Facility Survey Trends - Directed Plans of Correction, Privacy Violations and FTag 520 Quality Assurance Committee...

Directed Plans of Correction, or DPOCs, have long been part of the arsenal of enforcement sanctions available to the Centers for Medicare & Medicaid Services for survey deficiencies, just like civil money penalties (CMPs);...more

HIPAA Violations Will Soon Be More Expensive

The U.S. Department of Health and Human Services (HHS) intends to use higher fines and a new round of audits to send a strong message to the healthcare industry about complying with the Health Insurance Portability and...more

Promises of Enhanced HIPAA Enforcement by HHS Illustrated by a Recent Record-Breaking Settlement Agreement and Increased Focus on...

An attorney from the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS) recently disclosed that covered entities could face increased scrutiny for HIPAA violations in 2014. Specifically, the...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

Health Law Alert: The Deadline for Amending Business Associate Agreements is Quickly Approaching

A key change from 2013’s HITECH “Omnibus” Rule was a requirement that Business Associate Agreements (“BAAs”) be modified to reflect revisions to HIPAA regulations. When the rule was issued on January 25, 2013, Covered...more

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

No Judicial Review of FTC Jurisdiction until the Agency Takes a Final Action

Companies that handle personal data may need to litigate an FTC enforcement action to its conclusion before a court will review the Commission's jurisdiction to commence the enforcement action in the first place....more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

New Round of HIPAA Audits To Begin Later This Year

The Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced it will resume its HIPAA compliance audit program — launched as a pilot program in 2012 — on a permanent basis in 2014. In...more

HIPAA Housekeeping - Don't Forget Your Annual Report of Small Breaches

If you are a "covered entity" under the Health Insurance Portability and Accountability Act ("HIPAA") and suffer a breach of protected health information, one of your first reactions should be to count the number of affected...more

Foundations in HIPAA - Building Blocks of Health Law

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

HIPAA Covered Entities Subject to FTC Act Enforcement of Data Security Practices

On January 16, 2014, the Federal Trade Commission (FTC) unanimously ruled that it has authority to regulate a healthcare provider’s inadequate data security programs in order to protect consumers from business’ failure to...more

HIPAA Security Rule Enforcement Not Yet Meeting Federal Requirements

A recent Office of the Inspector General (OIG) Report reviews progress made by the Office for Civil Rights (OCR) toward enforcement of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule following...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

HIPAA Alert: Caution!! Deadline Is September 23, 2013 - Action Must Be Taken To Comply With New Requirements Imposed By The HIPAA...

September 23, 2013 is the effective compliance date for many changes to the HIPAA Privacy, Security, Enforcement Rules and Breach Notification Rules as required by the "HIPAA Omnibus Rule" as published in January 2013. All...more

HIPAA Omnibus Final Rule Compliance Date Is Only Two Months Away

The compliance date for the omnibus final rule amending the privacy, security, breach notification and enforcement regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information...more

Large Educational/Health System Targeted For HIPAA Enforcement

Idaho State University (ISU) was recently the target of an investigation and enforcement action for violations of the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA)....more

Final HIPAA Regulations Impact Group Health Plans

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) sets forth rules to protect the privacy and security of individuals’ health information that is held by “covered entities,” such as group health plans....more

HIPAA Enforcement: Unleashing The Dogs

Prosecutors are a fun bunch and they love their jobs and their mission – to prosecute law-breakers for violating the law. ...more

HIPAA Task Force – May 2013

In this issue: - What Your Business Needs To Do About Hipaa — Now - Action Items for Covered Entities and Business Associates (including Subcontractors) - Changes Impacting Business Associates (including...more

Highlights of the Omnibus HIPAA/HITECH Final Rule

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more

Insurance Coverage for Healthcare False Claims Act, Stark, and HIPAA/HITECH Government Investigations

Federal enforcement of False Claims Act (FCA), Stark anti-kickback, and HIPAA/HITECH claims against healthcare companies continues to rise rapidly. FCA recoveries by the U.S. Department of Justice (DOJ) exceeded $9.5 billion...more

49 Results
|
View per page
Page: of 2