Health Information Technology for Economic and Clinical Health

The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted in 2009, as part of the American Recovery and Reinvestment Act. The Act seeks to promote the adoption and use of health... more +
The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted in 2009, as part of the American Recovery and Reinvestment Act. The Act seeks to promote the adoption and use of health information technology. One of the key provisions of the Act establishes a national network of electronic health records.  less -
News & Analysis as of

Minimum Necessary and the Breach Standard

When the new HITECH rules came out OCR specifically said, “...uses or disclosures that impermissibly involve more than the minimum necessary information...may qualify as breaches.” But what exactly is the minimum necessary...more

Federal agencies propose health IT regulatory framework, seek stakeholder input and participation in new initiatives

A little more than five years after the passage of the Health Information Technology Economic and Clinical Health (HITECH) Act, the Food and Drug Administration, Federal Communications Commission and the Office of the...more

Self-pay Confidentiality Rights: How Far Do Those Rights Go?

The HIPAA Privacy Rule has always provided an individual patient the right to request special, confidential treatment of his or her protected health information (PHI). That right is not absolute, however. Covered entities...more

Health Update

Ten Years In: Charting the Progress of Health Information Exchange in the U.S. - HITECH: Federal Dollars Spur Adoption and Use: The modern era of HIE-related public policy began in May 2004 with the appointment...more

DHHS Gearing Up to Begin HIPAA Audits of Business Associates

The office of US Department of Health and Human Services Secretary Kathleen Sebelius recentlyannounced plans to perform "pre-audit" HIPAA compliance surveys of 800 Covered Entities and 400 Business Associates. Under the...more

Get Ready! HHS OCR Announces Next Round of HIPAA Audits

To combat new risks associated with rapidly evolving health information technology, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act...more

Health Insurer Fined Unprecedented $6.8 Million for HIPAA Violations

Federal fines for violations of the Health Insurance Portability and Accountability Act (HIPAA) may not exceed $1.5 million per incident per year. That's already a big number to think about — but employers also need to...more

HIPAA Audits Set to Begin in 2014: Another Enforcement Mechanism for HIPAA Compliance

The Department of Health and Human Services (HHS) is expected to launch its long-awaited HIPAA audit program sometime in 2014. The audit program will be run by HHS’ Office of Civil Rights (OCR), which is likely eager to get...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Foundations in HIPAA - Building Blocks of Health Law

Recent enforcement actions and the new Omnibus Rule implementing several HITECH obligations highlighted the need for a new look at HIPAA obligations for covered entities and now business associates. HITECH not only raised the...more

Protect Your Blindside: Identify All HIPAA Business Associates/Subcontractors

Under the recently enacted Health Information Technology for Economic and Clinical Health (HITECH) Act, and implementing regulations, the definition of the HIPAA term "Business Associate" has been expanded. A "Business...more

Dermatology Practice Agrees to Settlement in Connection with HIPAA Breach

A Massachusetts-based dermatology practice recently agreed to pay $150,000 to settle claims that it failed to have sufficient policies and procedures in place to address a breach notification requirement under the HITECH Act....more

Covered Entity Fined $150,000 For Stolen Unencrypted Thumb Drive

HHS recently announced that it fined a dermatology practice $150,000 for failing to reasonably safeguard an unencrypted thumb drive and failing to conduct an accurate and thorough risk analysis of electronic PHI....more

HHS Announces First HIPAA Settlement Based on Lack of Breach Notification Policies and Procedures

The Department of Health and Human Services (HHS) recently announced the first settlement under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) based on violations of the law's privacy, security,...more

Privacy and Security Alert: January 9th, 2014

On December 5, 2013, the Office of Inspector General (OIG) reported on the Office for Civil Rights’ (OCR) compliance as of May 2011 with oversight and enforcement of the Security Rule and compliance with federal cybersecurity...more

Looking At The Past To Predict The Future Of HIPAA/HITECH Enforcement

2013 was a busy year for the Department of Health and Human Services (“HHS”). On January 17, 2013, HHS issued its Final Omnibus Rule, substantially modifying the Privacy, Security and Enforcement Rules promulgated by the...more

Settlement Reached Regarding Dermatology Practice’s HIPAA Violation

Adult and Pediatric Dermatology (A&P Dermatology) of Concord, Massachusetts has entered into a resolution agreement with the Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance...more

Providers: Prepare Your Breach Notification Policy!

On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and...more

HHS Gives A Thumbs Down For Stolen Thumb Drive

On December 26, 2013, the U.S. Department of Health and Human Services Office for Civil Rights (HHS) announced that it had reached an agreement with a Northeastern dermatology practice to settle potential HIPAA violations...more

A New Year’s Resolution (And Corrective Action Plan) From OCR: Physician Practice Cited For HIPAA Violations

The Office for Civil Rights (OCR) is closing out 2013 with a reminder of the importance of an effective HIPAA compliance program. On December 26, 2013, OCR announced a resolution agreement with a Massachusetts physician...more

Medical practice agrees to payment due to HIPAA data breach

One day after Christmas, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced that a Massachusetts-based dermatology practice (Practice) agreed to a $150,000 payment and entered into a...more

HHS Closes Out 2013 with 6th Resolution Agreement

Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs....more

2013 – The Health Law Year in Review

As 2013 draws to a close, we are pleased to look back on the year that was and highlight some of the key developments in the ever-changing field of health law. While a great deal of attention was focused on the implementation...more

HIPAA Security Rule Enforcement Not Yet Meeting Federal Requirements

A recent Office of the Inspector General (OIG) Report reviews progress made by the Office for Civil Rights (OCR) toward enforcement of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule following...more

On the First Day of Privacy, The OCR Gave to Me...

Welcome to our series, “The 12 Days of Privacy” as we look to “gifts” that may be received this season and some of the big issues ahead …. Day One – - HIPAA 2014 – Where will the Audit Trail Lead? The year 2013...more

201 Results
|
View per page
Page: of 9