Health Insurance Portability and Accountability Act Protected Health Information

The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the... more +
The Health Insurance Portability and Accountability Act is a United States federal statute enacted in 1996 to provide greater protection for individual's medical information and prescribe standards for the manner in which healthcare professionals gather, use, and maintain health information.  less -
News & Analysis as of

OCR Releases Information on What Phase 2 HIPAA Audits Will Look Like

The HHS Office for Civil Rights (OCR) recently presented information about the new look of its Phase 2 audit program. The new audits will look little like the old ones, with OCR conducting the audits itself and focusing on...more

Government targets ‘risky business’ with free HIPAA assessment tool

Last week, the Office for Civil Rights of the U.S. Department of Health and Human Services released a toolkit for covered entities and business associates to use to perform a security risk assessment. The HIPAA Security Rule...more

HHS releases Security Risk Assessment Tool to Help Providers with HIPAA Compliance

In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more

HIPAA Security Risk Assessment Tool Released by HHS

HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more

New Resource Available to Providers for HIPAA Security Rule Compliance

On March 28, 2014, the U.S. Department of Health and Human Services (“HHS”) announced the release of a security risk assessment (“SRA”) tool to assist small- to mid-sized providers in conducting risk assessments of their...more

HIPAA Security Risk Analyses

As noted in Paul Kim and Hannah Whitman Clark's article regarding HIPAA Security Risk Analyses, CEs and BAs are required to review and update their risk assessments only under certain conditions after completing their initial...more

HIPAA Complaint Seeks Class Action Status

A complaint filed in the Superior Court of California on March 14, 2014, requested certification as a class action and sought a wide variety of damages arising from a breach of personal information. Doe vs. Sutherland Health...more

Self-pay Confidentiality Rights: How Far Do Those Rights Go?

The HIPAA Privacy Rule has always provided an individual patient the right to request special, confidential treatment of his or her protected health information (PHI). That right is not absolute, however. Covered entities...more

First HIPAA Settlement with County Government

On March 6, 2014, the Department of Health and Human Services’ Office for Civil Rights settled potential HIPAA violations with the Skagit County Public Health Department in Washington State for $215,000. Initially, OCR’s...more

Health Update

Ten Years In: Charting the Progress of Health Information Exchange in the U.S. - HITECH: Federal Dollars Spur Adoption and Use: The modern era of HIE-related public policy began in May 2004 with the appointment...more

HHS Releases Guidance On Disclosure Of Mental Health Information Under HIPAA

The HHS Office for Civil Rights issued guidance in question-and-answer format clarifying when a provider may release information regarding a patient’s mental health to family members, friends, law enforcement, and others. The...more

Take 5 Newsletter: 5 Employment Law Considerations in "The Cloud"

What is "the cloud," and what on Earth (pun intended) does cloud computing have to do with employment law? While many definitions abound, cloud computing at its core is a form of remote electronic data storage,...more

Health Law Blog: County Government Settles Alleged HIPAA Violations

A small county in Washington has agreed to pay $215,000 to settle allegations that it violated HIPAA by failing to secure electronic protected health information. Skagit County maintained protected health information (“PHI”)...more

HHS Settlement: Reminder That HIPAA Applies To Local Governments Big And Small

The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it had reached an agreement with Skagit County, Washington to settle potential HIPAA violations involving the County...more

HHS Reports First HIPAA Settlement with a County Government

According to a HHS press release issued last Friday, Skagit County, Washington, has agreed to a $215,000 settlement with the agency to resolve allegations that the county’s HIPAA compliance program was deficient. The Skagit...more

CMS Issues Final Rule on Direct Access of Lab Test Results by Patients

On February 3, 2014, the Centers for Medicare and Medicaid Services (CMS) released a final rule that permits patients or their representatives to have direct access to the results of their lab tests. This rule change is...more

Some Things Better Left Unshared: Social Media and Medical Identity Theft

The Washington Post recently published an article reminding individuals not to tweet or otherwise share information concerning their medical conditions on social media, warning that disclosing such information publicly “is...more

Healthcare Legal News - February 2014 • Volume 4, Number 1

In This Issue: - CMS ISSUES FINAL RULE ON DIRECT ACCESS OF LAB TEST RESULTS BY PATIENTS: On February 3, 2014, the Centers for Medicare and Medicaid Services (CMS) released a final rule that permits patients or...more

Unprecedented HIPAA Fine May Mean Increased Scrutiny and Penalties

Triple-S Management Corp. (“Triple-S”), a Puerto Rico-based health insurer, has been fined $6.8 million by the Puerto Rico Health Insurance Administration (“PRHIA”) following a Health Insurance Portability and Accountability...more

HHS Rule Grants Patients Direct Access to Lab Test Results

The U.S. Department of Health and Human Services (HHS) recently published a Final Rule granting patients and their personal representatives access to the patient’s completed laboratory test reports directly from the lab...more

HHS Extends Patient Access To Laboratories

On February 6, 2014, the Department of Health and Human Services (HHS) published a Final Rule amending regulations implementing the Clinical Laboratory Improvement Amendments of 1988 (CLIA) and the Health Insurance...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Getting Your Own Lab Results Just Got Easier

Empowered patients know how important it is to obtain and read your own test results, which, disturbingly often, ordering doctors forget to pass on. But try to get them directly from the lab itself and you often would run...more

Health Care Entity Pays $150,000 to HHS as a Result of Stolen Thumb Drive Containing PHI

Encrypting USB drives, analyzing security risks, and implementing breach notification policies and procedures could mean the difference between compliance with the Health Insurance Portability and Accountability Act (“HIPAA”)...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

242 Results
|
View per page
Page: of 10