HITECH Act, Encryption

Encrypt Your Devices or Face HIPAA Penalties

Holland & Hart - Health Law Blog on 11/8/2019

This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

Alston & Bird on 12/6/2016

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Mintz - Privacy & Cybersecurity Viewpoints on 6/15/2016

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

Davis Wright Tremaine LLP on 4/21/2016

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

HIPAA Compliant Technology and the Importance of Encryption

Foley Hoag LLP - Security, Privacy and the... on 2/24/2015

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Alert: Five Ways to Reduce Your HIPAA Liability

Cooley LLP on 1/26/2015

As of early December 2014, 1,170 security breaches under the Health Insurance Portability and Accountability Act (HIPAA) involving 31 million records had been reported to the U.S. Department of Health and Human Services (HHS)...more

Covered Entity Fined $150,000 For Stolen Unencrypted Thumb Drive

Dentons on 1/15/2014

HHS recently announced that it fined a dermatology practice $150,000 for failing to reasonably safeguard an unencrypted thumb drive and failing to conduct an accurate and thorough risk analysis of electronic PHI....more

HHS OCR Director Leon Rodriguez's Dialogue on HIPAA/HITECH Compliance

BakerHostetler on 5/23/2013

“HIPAA is a valve, not a blockage,” stated HHS OCR Director Leon Rodriguez, at the OCR/NIST 6th Annual Conference on Safeguarding Health Information: Building Assurance through HIPAA Security....more

Personal Smartphones: A Ticking HIPAA/HITECH Time Bomb?

BakerHostetler on 4/10/2013

In this brave new world of health information privacy, many industry experts and healthcare organizations have emphasized the need to secure portable electronic devices such as laptops, issued to employees. But a recently...more

McAfee & Taft Healthcare Industry Alert: New HIPAA regulations - Begin your compliance review now

McAfee & Taft on 2/4/2013

On January 17, 2013, the Department of Health and Human Services issued a final rule amending the Health Insurance Portability and Accountability Act (HIPAA) privacy and security regulations and implementing the Health...more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

BakerHostetler on 1/21/2013

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

HITECH Act › Encryption

"My best business intelligence, in one easy email…"