Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
The U.S. Department of Health and Human Services ("HHS") issued a concept paper describing its overarching strategy to address healthcare cybersecurity. The concept paper builds on the Biden-Harris Administration's National...more
Sponsors of clinical trials in the United States have a regulatory responsibility under 21 CFR Part 312.50 to monitor the progress of clinical studies. Historically, Sponsors performed in-person monitoring visits of every...more
Enforcement Actions - In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more
The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more
An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more
On January 5, 2020, President Trump signed into law H.R. 7898. This new statute amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Department of Health and Human Services...more
As this decade begins, Americans are increasingly apprehensive about the privacy of their personal information. A recent survey found that approximately four out of five Americans are concerned about how their data is used,...more
On May 22, 2020, the Federal Trade Commission (the “FTC”) published its decennial request for public comment (the “RFC”) on the FTC’s Health Breach Notification Rule (the “HBN Rule”)....more
It feels like we’ve been seeing a lot more health care breaches caused by hackers and other IT security incidents, and there’s a good reason why: a recent report by cloud security company Bitglass confirms that both the...more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
On Dec. 28, 2018, the U.S. Department of Health and Human Services (HHS) announced the release of voluntary cybersecurity practices and tools for the healthcare industry. The documents were the result of Section 405(d) of the...more
Last week, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), issued a Request for Information (RFI) seeking public input on modification of the Privacy and Security Rules under the Health...more
On Jan. 3, 2018, the Substance Abuse and Mental Health Services Administration (SAMHSA) issued its final rule regarding the Confidentiality of Substance Use Disorder Patient Records Part 2. These changes become effective Feb....more
The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more