News & Analysis as of

Health Insurance Portability and Accountability Act Office of Civil Rights

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -

Small Healthcare Provider Pays $31,000 for Failing to Have a Business Associate Agreement With File Storage Vendor

by Jackson Lewis P.C. on

Disclosing protected health information (PHI) to a business associate without a compliant business associate agreement (BAA) is an improper disclosure under the HIPAA privacy and security regulations. According to the HHS...more

OCR Levies Hefty Fine Against FQHC

Showing no signs of letting up on enforcement actions, the Office for Civil Rights (OCR) late last week settled an investigation against Metro Community Provider Network MCPN, a Colorado based federally qualified health...more

Phishing Incident Leads to $400,000 HIPAA Settlement

by Saul Ewing LLP on

?On April 12, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Metro Community Provider Network (MCPN) agreed to pay HHS $400,000 to settle alleged HIPAA Security Rule...more

Gone Phishin’: Hack Leads to HIPAA Settlement

While your business may indeed be a “victim” when hit by a phishing attack, your enterprise can also be responsible for violations of law associated with the incident. Earlier this week, the HHS Office for Civil Rights...more

$400,000 Settlement Highlights Need for Pre- and Post-Breach Safeguards

by Dickinson Wright on

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced another Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement. This one is with Metro Community Provider...more

ABCD Pediatrics Victim of Ransomware

ABCD Pediatrics, located in San Antonio, Texas has notified the Office for Civil Rights that a ransomware cyber intrusion has resulted in access to its servers, including the protected health information (PHI) of its...more

OCR Urges Covered Entities and Business Associates to Use HTTPS

New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities. According to OCR, the...more

AGG Food and Drug Newsletter - April 2017

by Arnall Golden Gregory LLP on

Arnall Golden Gregory LLP's Food and Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community, including regular updates on legislative initiatives from AGG’s Washington, DC...more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

Telecommuting Healthcare Employees Get Employers in HIPAA Compliance Hot Water

by Dickinson Wright on

As the healthcare industry has expanded to providing home healthcare services, more service providers are allowing their employees to work remotely, i.e., telecommuting. The flexibility for healthcare workers to work from...more

HIPAA Guidance Issued on Man-In-The-Middle Attacks

by McGuireWoods LLP on

Last week, the Office of Civil Rights (OCR) issued guidance on securing end-to-end communications for sensitive information transmitted between parties over the internet. The OCR warns against “man-in-the-middle” (MITM)...more

New HHS OCR Director Appointed – A Change in Course for HIPAA Enforcement?

by Arnall Golden Gregory LLP on

In late March, Roger Severino was appointed to be the new Director of the Department of Health and Human Services Office of Civil Rights (HHS OCR), the office responsible for enforcing the Health Insurance Portability and...more

Recent HIPAA Privacy and Security Settlements and Lessons Learned

by Perkins Coie on

Although the fate of the Affordable Care Act remains undecided, enforcement of the HIPAA privacy and security regulations by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services is ongoing,...more

OCR Identifies Continuing HIPAA Enforcement Issues, Areas of Future Guidance and Regulations

Last week the Health Care Compliance Association hosted its annual “Compliance Institute.” Iliana Peters, HHS Office for Civil Rights’ Senior Advisor for HIPAA Compliance and Enforcement, provided a thorough update of HIPAA...more

2017 HIPAA Enforcement: New Settlements and Penalties Already Total Over $11,000,000

by Williams Mullen on

In our last post, we highlighted the 2016 settlements between the Office for Civil Rights (OCR) and various covered entities (and business associates), in one of OCR’s most active years. As of now, 2017 is proving to be on...more

HHS Expected to Release Significant HIPAA Privacy Guidance This Year; Compliance Audits Proceed; Guide on Compliance Program...

by WilmerHale on

HIPAA privacy guidance, audits, and enforcement are continuing under the new Administration. On March 27, 2017, Iliana Peters, Senior Adviser for HIPAA Compliance and Enforcement at the US Department of Health and...more

Hey Dentists: No Business Associate Agreement, No Problem

by Ruder Ware on

According to the U.S. Health and Human Services Office for Civil Rights (OCR), dental practices are not required to have a business associate agreement with their dental laboratory before sharing protected health...more

HIPAA Checkup – How Good Are Your Policies and Procedures?

by Snell & Wilmer on

Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more

2017 HIMSS Conference Insights

Members of Arnall Golden Gregory LLP's Healthcare Information Technology team attended the 2017 HIMSS Conference February 19-23 in Orlando, FL. Hundreds of innovative companies and 40,000+ technology professionals took part...more

OCR’s Latest Health Breach Investigations Yield Big Settlements

by Reed Smith on

In a span of a few weeks in early January 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced two major settlements under the Health Insurance Portability and Accountability Act...more

2017 HIPAA Enforcement: Year to Date Lessons

With the announcements from OCR of three resolution agreements and one civil money penalty as of mid-February, OCR is off to a record start for HIPAA enforcement in 2017, with double the announcements as the same time last...more

Charging for Medical Records Can Cost You

by Roetzel & Andress on

Health care providers often are unaware of federal laws that regulate the process by which they charge patients for copies of medical records. Many providers incorrectly assume that only the law of the state in which the...more

The Rising Importance of Data Privacy and Security Practices for Healthcare Entities Facing Intensified Challenges

by McGuireWoods LLP on

For those in the healthcare industry, the privacy and security of information is vital to operations, but the importance and value of health information also makes the industry a prime target for threats. Studies suggest...more

Report Summarizes Healthcare Data Breaches in January 2017

Health care data breaches are not slowing. According to a report issued by Protenus, in conjunction with www.databreaches.net, the summary of healthcare data breaches in 2017 continues where 2016 left off. In January...more

Health Law Insights: February Newsletter

by Roetzel & Andress on

ALERT: Technical Noncompliance with HIPAA Can Lead to Big Penalties- As discussed in prior client alerts, the Office of Civil Rights (OCR), the agency charged with HIPAA enforcement, has increased HIPAA compliance...more

605 Results
|
View per page
Page: of 25
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!