Health Insurance Portability and Accountability Act Health Information Technology for Economic and Clinical Health

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

HHS Publishes New Guidance on HIPAA and Cloud Computing

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA [Audio]

In the third episode of their health tech podcast series, Ian O’Neill, a shareholder in Brownstein Hyatt Farber Schreck’s intellectual property department focusing on technology transactions, licensing, advanced media and...more

Ransomware? Don’t Pay It, Says FBI

What should companies do when ransomware hits? The FBI says: (a) report it to law enforcement and (b) do not pay the ransom. Given the recent onslaught in ransomware attacks—such as a 2016 variant that compromised an...more

Sixth Circuit Affirms Dismissal of False Claims Act Case Based on HITECH Data Breach

In United States ex rel. Sheldon v. Kettering Health Network, 816 F.3d 399 (6th Cir. 2016), the Sixth Circuit affirmed the lower court’s dismissal of a False Claims Act (“FCA”) suit based on a data breach involving electronic...more

Healthcare Business Associates

The Health Information Technology for Economic and Clinical Health (“HITECH”) Act modified the Health Insurance Portability and Accountability Act (“HIPAA”) by expanding the definition of Business Associates (“BA”) and their...more

Cybersecurity and the Role of ERISA Fiduciaries

The Employee Retirement Income Security Act of 1974, as amended (ERISA), protects plan participant benefits and account balances by imposing high standards of care on the plan’s fiduciaries. Fiduciaries who do not follow...more

OCR Announces Initiative to Amplify Investigations of Breaches Affecting Fewer than 500 Individuals

Taking another step toward more aggressive enforcement under the Health Insurance Portability and Accountability Act (“HIPAA”), on August 18, 2016, the U.S. Department of Health & Human Services (“HHS”) Office for Civil...more

OCR Begins HIPAA Phase 2 Audits

What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more

Just a Matter of Time: First-Ever Settlement of HIPAA Claims Against a Business Associate

On June 30, 2016, the Health and Human Services Office for Civil Rights (OCR) announced the first-ever settlement of Health Insurance Portability and Accountability Act (HIPAA) claims against a business associate. According...more

OCR levies first fine ever directly against business associate

Our predictions that the Office for Civil Rights (OCR) will become more aggressive with audits, investigations, and fines against HIPAA business associates has come true. On June 24, 2016, the OCR announced that it has...more

Cybersecurity News & Notes – June 2016 #3

In Case You Missed It: Illinois strengthened its data privacy and security law, with the amendments going into effect in January 2017. The amendments include expanding the definition of “personal information” to include a...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

Illinois Enacts Amendments to the Personal Information Protection Act

Last month, Illinois Governor Bruce Rauner signed into law a number of amendments to the State’s Personal Information Protection Act (“PIPA”) that expand the definition of protected personal information and increase certain...more

Illinois Enacts Sweeping Changes to the Illinois Personal Information Protection Act

On May 6, 2016, Illinois joined a growing number of states that have strengthened their data breach notification requirements and expanded the definition of protected personal information. Effective January 1, 2017, HB1260...more

Illinois Makes Extensive Changes to Data Breach Notification Law

On May 6, 2016, Illinois Governor Bruce Rauner signed HB1260, which significantly updates the state’s Personal Information Protection Act. The changes take effect on January 1, 2017. When the new law becomes effective,...more

Health Law Wire: Recent HIPAA Settlements Highlight the Importance of Business Associate Agreements (5/16)

The Office of Civil Rights (OCR), the agency within the United States Department of Health and Human Services that enforces the HIPAA Privacy and Security Rules, recently sent a clear message about the importance of business...more

Cyber Security

Roughly one million pieces of malware—computer viruses or malicious software—are released every day. In recent years, we’ve witnessed an unprecedented level of activity in the cyber arena, both in the form of increased...more

What's New with HIPAA?

A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more

Key Data Privacy and Security Concerns for Investment Firms

Privacy and data security concerns are among the most critical issues facing investment funds, advisors and managers (collectively, “investment firms”). This article outlines the privacy and data security challenges...more

OCR Updates HIPAA Audit Protocol for Phase 2

Recently, the Office of Civil Rights (“OCR”) provided an updated protocol that it will use when assessing compliance with HIPAA rules. OCR recently began Phase 2 of its HIPAA compliance audits, extending coverage of these...more

Expansion of HIPAA audit program now underway

As detailed in our latest webinar, “Daunting but doable: Preparing for the next round of HIPAA audits,” the Office for Civil Rights (OCR) has begun implementing the first full-phase HIPAA audit program. The 2009 HITECH Act,...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

Appeals Court Confirms that HITECH Violations Do Not Violate FCA

In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator's claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives...more

264 Results
|
View per page
Page: of 11
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×