News & Analysis as of

Higher Education Highlights - Fall 2015

Risk managers who also happen to be attorneys are not always protected by the attorney-client privilege, according to a recent decision by the U.S. District Court for the Eastern District of Pennsylvania. In Casey v. Unitek...more

Are Attorneys Entitled to “HIPAA Rate”?

Over the past year, numerous lawsuits and complaints to the HHS Office for Civil Rights (“OCR”) have been filed by plaintiffs’ attorneys over a seemingly obscure HIPAA issue – the rate that health care providers and their...more

HIPAA Lessons from the Warner Chilcott Settlement

Last week, the US Attorney’s Office in Boston announced that drug company Warner Chilcott agreed to plead guilty to health care fraud and pay $125 million to resolve criminal and civil liability arising out of allegations...more

EEOC Grapples with Proposed Rule Comments on Wellness Program; Additional Guidance Expected Soon

As we previously reported, the Equal Employment Opportunity Commission (EEOC) released Proposed Rules on April 16, 2015 to provide guidance under the Americans with Disabilities Act (ADA) on permissible employer incentives...more

Comment period extended for NIST Cybersecurity Practice Guide

The National Institute of Standards and Technology has announced that due to stakeholder feed-back, the period to submit comments for the draft guide, “Securing Electronic Health Records on Mobile Devices” has been extended...more

Appellate Court Notes

Supreme Court Advance Release Opinions: SC19253 - RBC Nice Bearings, Inc. v. SKF USA, Inc. [An important decision on contract waiver but one all attorneys should recall from the UCC or Contracts course we took...more

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

Oregon Amends Data Breach Law — Companies Can Expect More Enforcement Actions

Oregon Gov. Kate Brown recently signed into law amendments to the state’s data breach law. These amendments recognize the growing definition of data, expand the role of the Attorney General in addressing data breaches,...more

Don't Fumble Your HIPAA Obligations: Ensure Your HIPAA Playbook Implements Appropriate Protections for Patients

The injuries suffered by a professional football player brought the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA") onto center stage of the media during the days...more

HIPAA and Jason Pierre-Paul’s Medical Chart – Setting the Record Straight

Last night, ESPN reporter Adam Schefter tweeted a photo of New York Giants defensive end Jason Pierre-Paul’s medical chart, which chart indicated that Pierre Paul had his index finger amputated. The amputation was apparently...more

An Unforgiving NLRB Holds That Protecting Patient Data Under HIPAA Can Still Violate Section 7 Rights

It would make sense that the systems housing patient records at a physician’s office should be protected by a robust duty on the part of the physician’s employees to keep such records confidential. The purpose, of course, is...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

OCR Launches Phase 2 HIPAA Audit Program with Pre-Audit Screening Surveys

Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered entities have reported that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently sent pre-audit screening surveys...more

$125k HIPAA settlement for small, single-location pharmacy

A settlement announced this week by the Department of Health and Human Services, Office for Civil Rights (“OCR”) reminds us of the importance of properly disposing of paper medical records. OCR and Cornell Prescription...more

Data Breach Nightmare Scenario: News Affiliate Reports Improper Disposal of Patient Information

A tip from a local Denver news outlet lead to a compliance review, investigation and ultimately a resolution agreement between the Department of Health and Human Services’ Office for Civil Rights (“OCR”) and Denver-based...more

EEOC Issues Proposed Regulations on Wellness Programs and the ADA

On April 20, 2015, the Equal Employment Opportunity Commission (EEOC) issued highly anticipated proposed regulations addressing the application of the Americans With Disabilities Act (ADA) to workplace wellness programs. In...more

Physician Practices Be Alert: You Might Be Violating HIPAA If You Produce Medical Records In Response To State Court Subpoenas

Over the past months, my experiences with physician practices have made me realize that many practices do not understand how HIPAA applies to subpoenas for medical records. More worrisome, I suspect that many practices...more

Disclosure of Germanwings Co-pilot’s Medical Information Raises Tricky Privacy Concerns

Recent reports surrounding Germanwings co-pilot Andreas Lubitz suggest that Lubitz told his doctors he was on sick leave (or was instructed by his doctors to be on sick leave), and concealed that he was still flying for the...more

Beware medical records subpoenas: Connecticut Supreme Court issues opinion on negligence for noncompliance with HIPAA standards

Health care providers and their medical records custodians constantly find themselves under pressure to release medical records immediately upon receipt of a subpoena. However, regardless of the subpoena or the pesky...more

Health Update - February 2015

Cyber Risk Insurance Policies: What You Need to Know - Editor’s Note: As data breach incidents and related cyber risks continue to increase and gain publicity—and government agencies become more actively involved in...more

Provider Beware: HIPAA and State Privacy Laws May Inform Negligence Suits

A recent opinion from the Connecticut Supreme Court illustrates that HIPAA is not the only law that covered entities and business associates must worry about if an unauthorized disclosure of protected health information (PHI)...more

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

HIPAA Violation Results in $4.8 Million Settlement: An IT Perspective

In today’s healthcare industry, information technology (“IT”) systems play an ever-expanding role in the success of a medical practice. Medical practitioners consistently juggle e-billing and electronic medical records...more

“Access Denied” – Understand How Your Electronic Health Records Are Controlled

Earlier this week, my colleague Dianne Bourque commented on a small medical practice’s inability to access its patients’ medical records one July day after its EHR vendor blocked the practice from pulling the data stored in...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

51 Results
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.