Health Information Technology for Economic and Clinical Health Covered Entities

The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted in 2009, as part of the American Recovery and Reinvestment Act. The Act seeks to promote the adoption and use of health... more +
The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted in 2009, as part of the American Recovery and Reinvestment Act. The Act seeks to promote the adoption and use of health information technology. One of the key provisions of the Act establishes a national network of electronic health records.  less -
News & Analysis as of

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

HIPAA/HITECH Business Associate Agreements: The Home Stretch

The one-year transition rule expires on September 22, 2014. The final regulations under the HIPAA Privacy, Security, and Enforcement Rules as amended by HITECH, make several changes, including modifying the...more

Health Law Alert: The Deadline for Amending Business Associate Agreements is Quickly Approaching

A key change from 2013’s HITECH “Omnibus” Rule was a requirement that Business Associate Agreements (“BAAs”) be modified to reflect revisions to HIPAA regulations. When the rule was issued on January 25, 2013, Covered...more

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

Minimum Necessary and the Breach Standard

When the new HITECH rules came out OCR specifically said, “...uses or disclosures that impermissibly involve more than the minimum necessary information...may qualify as breaches.” But what exactly is the minimum necessary...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Covered Entity Fined $150,000 For Stolen Unencrypted Thumb Drive

HHS recently announced that it fined a dermatology practice $150,000 for failing to reasonably safeguard an unencrypted thumb drive and failing to conduct an accurate and thorough risk analysis of electronic PHI....more

Looking At The Past To Predict The Future Of HIPAA/HITECH Enforcement

2013 was a busy year for the Department of Health and Human Services (“HHS”). On January 17, 2013, HHS issued its Final Omnibus Rule, substantially modifying the Privacy, Security and Enforcement Rules promulgated by the...more

HHS Closes Out 2013 with 6th Resolution Agreement

Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs....more

Hearing to Address HIPAA Accounting of Disclosures

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

Ready For HITECH Changes On September 23, 2013? Find Out With This Compliance Checklist For Employer-Sponsored Health Plans

The final regulations implementing the Health Information Technology for Economic and Clinical Health (HITECH) Act were issued in January and compliance is required by September 23, 2013. The final regulations require covered...more

Checklist for Covered Entities and Business Associates

As the countdown to the compliance deadline for the Health Information Technology for Economic and Clinical Health (HITECH) Act Omnibus Rule begins, we offer the following as a reminder of tasks that covered entities,...more

HIPAA/HITECH Compliance Strategies for Medical Device Manufacturers

As computing power continues to become cheaper and more powerful, medical devices are increasingly capable of handling larger and larger sets of data. This provides the ability to log ever expanding amounts of information...more

HIPAA Marketing and Sale Provisions: Legal Potholes for Providers, Payors, Advertisers, Data Aggregators, Market Researchers and...

HIPAA Marketing and Sale Provisions Under HIPAA - The privacy and security standards under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and its regulations (the "HIPAA Rules") were designed...more

HIPAA/HITECH Final Rule - Assessing Your Organization's Compliance Readiness

The long awaited HIPAA/HITECH Final Rule became effective March 26, 2013, but covered entities, business associates and subcontractors will have until September 23, 2013, to fully comply. ...more

The HIPAA/HITECH Final Rule has arrived!

If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more

OCR Wants Feedback From Audited Covered Entities

The Office for Civil Rights (OCR) is preparing to conduct an online survey of the 115 covered entities it audited in 2012 as part of the HITECH-mandated, pilot audit program. OCR hopes to use the survey results to evaluate...more

Special Edition: Health Law Update - February 28, 2013

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

PHI Breach Reporting Deadline is March 1, 2013

To comply with the HITECH breach notice requirements, HIPAA covered entities are required to report all small breaches of unsecured protected health information (“PHI”) that occurred in calendar year 2012 to the U.S....more

Significant Changes to HIPAA Effective March 26, 2013

The following is a summary of the major changes to HIPAA under the new Final Rule: 1. Breach Notification Standard Lowered — In perhaps the most significant change under the Final Rule, the new regulations considerably...more

New HIPAA Omnibus Regulations – What Employers Who Sponsor Group Health Plans Need to Know to Comply

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

Employers Take Note: Final HIPAA Rules Mandate New Obligations for Group Health Plans

Group Health Plans - Employers that sponsor group health plans for their employees should pay careful attention to the newly announced final omnibus rule amending the Health Insurance Portability and Accountability Act...more

OCR Issues Final Modifications to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules to Implement the HITECH...

On January 25, 2013, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published a final rule (Final Rule) containing modifications to the privacy standards (Privacy Rule), security...more

Breaking Down The HIPAA Rule Changes: Part 5 Of 5 - Changes To Patients' Rights Under The Final Rule

In This Issue: - Right to Access Protected Health Information - Restrictions on Health Plan Disclosures - Guidance on How to Comply With the Expanded Patient Rights ..Evaluate Electronic Systems ..Revise...more

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

66 Results
|
View per page
Page: of 3