News & Analysis as of

HITECH Act Department of Health and Human Services (HHS) Data Protection

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

Troutman Pepper

Final Rule Aligns 42 CFR Part 2 with HIPAA and HITECH

Troutman Pepper on

On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more

Quarles & Brady LLP

Never Say Never Again: HHS Signals the Return of HIPAA Audit Program

Quarles & Brady LLP on

On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more

Shutts & Bowen LLP

New Guidelines Anticipated Following HHS’s Health Cybersecurity Concept Paper

Shutts & Bowen LLP on

Updates to the Health Insurance Portability and Accountability Act Security Rule (“HIPAA Security Rule”) are planned for Spring 2024. New guidance from The Department of Health and Human Services (“HHS”) via a recently...more

Manatt, Phelps & Phillips, LLP

Is OCR Correct That Website Metadata Is Regulated by HIPAA? Chicago Federal Court Asks

The plaintiff’s bar continues to bring new wiretapping claims over pixels and analytics programs in courts around the country, including against hospitals and other entities covered by the Health Insurance Portability and...more

Locke Lord LLP

Office of Civil Rights Guidance on Recognized Security Practices Under the 2021 HITECH ‎Act Amendment

Locke Lord LLP on

Last year, Congress enacted an amendment to the HITECH Act in January 2021 (“HITECH Amendment”) to require that the Department of Health and Human Services (“HHS”) consider whether a covered entity or business associate has...more

Goodwin

The Potential Impact of State Abortion Laws on Reproductive Health Apps

Goodwin on

Millions of women use reproductive health applications (or “apps”) to track menstrual cycles, ovulation, and pregnancy. These apps provide women that use the rhythm method for birth control and women seeking to become...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Proskauer on Privacy

Department of Health and Human Services Issues Request for Information on Cybersecurity Standards

Proskauer on Privacy on

The Department of Health and Human Services (“HHS”) has issued a formal request for information from the public about how regulated entities are implementing industry recognized security practices. The request for information...more

Holland & Knight LLP

Get Ready for HIPAA Questions on Your Recognized Security Practices

Holland & Knight LLP on

An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more

Ballard Spahr LLP

HIPAA Privacy Rule and Security Rule Developments to Note Early in 2021

Ballard Spahr LLP on

The Health Insurance Portability and Accountability Act (HIPAA) has been the subject of several major developments already in 2021. Healthcare providers, health plans, healthcare clearinghouses, and business associates...more

Epstein Becker & Green

HHS Addresses Federal Court Invalidation of Certain Provisions of the HIPAA rule Relating to the Third-Party Requests for Patient...

Epstein Becker & Green on

On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more

Holland & Hart - Health Law Blog

Modified HIPAA Rules for Sending Records to Third Parties

Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more

Miller Canfield

Understanding When Business Associates Are Directly Liable Under HIPAA

Miller Canfield on

New guidance issued by the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) reaffirms that business associates must have proper HIPAA compliance practices, safeguards and documentation in place...more

K&L Gates LLP

K&L Gates Triage: HIPAA Enforcement Discretion, Disputes, and Data

K&L Gates LLP on

The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - May 2019

Robinson & Cole LLP on

According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. ...more

Holland & Knight LLP

Impact of the New Health Industry Cybersecurity Practices: 2019 Outlook

Holland & Knight LLP on

• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more

Jackson Lewis P.C.

Enhanced HHS HIPAA Breach Reporting Tool May Aid Health Care Industry Data Security Efforts

Jackson Lewis P.C. on

Secretary Tom Price of the U.S. Department of Health and Human Services (HHS) announced his agency needs “to focus more on the most recent breaches and clarify when entities have taken action to resolve the issues that might...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

King & Spalding

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Burr & Forman

HIPAA For Lawyers And Law Firms: What you need to know to prevent your law firm from paying MILLION$

Burr & Forman on

For years now lawyers and law firms providing professional services to health care providers or health insurance plans should have had in place essential safeguards to meet the responsibilities and requirements as business...more

Davis Wright Tremaine LLP

New HIPAA Reports to Congress Shed Light on OCR Enforcement

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued two reports to Congress, as required by the HITECH Act. The compliance report details OCR’s enforcement activities for 2011 and 2012 and...more

Dickinson Wright

Providers: Prepare Your Breach Notification Policy!

Dickinson Wright on

On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and...more

Saul Ewing LLP

Medical practice agrees to payment due to HIPAA data breach

Saul Ewing LLP on

One day after Christmas, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced that a Massachusetts-based dermatology practice (Practice) agreed to a $150,000 payment and entered into a...more

Akerman LLP

It's Never Too Late To Give Guidance: OCR Starts Releasing HIPAA Omnibus Rule Guidance In Anticipation Of September 23 Compliance...

Akerman LLP on

This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more

68 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide