News & Analysis as of

Provider Beware: HIPAA and State Privacy Laws May Inform Negligence Suits

A recent opinion from the Connecticut Supreme Court illustrates that HIPAA is not the only law that covered entities and business associates must worry about if an unauthorized disclosure of protected health information (PHI)...more

Responding to Subpoena for Medical Records May Create Liability for Healthcare Providers Under State Law Negligence Claims

Healthcare providers receiving a subpoena for patient medical records may want to think twice before complying with the subpoena and producing the records. A recent Connecticut case, Byrne v. Avery Center for Obstetrics and...more

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

HIPAA Violation Results in $4.8 Million Settlement: An IT Perspective

In today’s healthcare industry, information technology (“IT”) systems play an ever-expanding role in the success of a medical practice. Medical practitioners consistently juggle e-billing and electronic medical records...more

“Access Denied” – Understand How Your Electronic Health Records Are Controlled

Earlier this week, my colleague Dianne Bourque commented on a small medical practice’s inability to access its patients’ medical records one July day after its EHR vendor blocked the practice from pulling the data stored in...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

No Harm, No Foul – Appellate Court Finds No CMIA Claim Without Actual Injury

California’s Confidentiality of Medical Information Act, Cal. Civ. Code § 56 et seq. (“CMIA”), provides that an individual may recover $1,000 nominal damages (plus actual damages if any) based on the negligent release of...more

News from the Health Law Gurus™

Pa. Supreme Court Weighs in on Medical Record Charges — In Wayne M. Chiurazzi Law v. MRO, Chief Justice Ronald D. Castille, writing for the majority of the Pennsylvania Supreme Court, interpreted the Medical Records...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

HHS Announces $800,000 HIPAA Settlement in Medical Records “Dumping” Case

On June 23, 2014, The Department of Health and Human Services (HHS) entered into an $800,000 settlement with Parkview Health System, Inc. (“Parkview”), a nonprofit community health system servicing northeastern Indiana and...more

$800,000 Medical Records Dumping Settlement: Expensive Reminder that HIPAA Applies to Paper Records, Too

A 2009 incident involving the dumping of 71 boxes of medical records will cost an Indiana-based health system, Parkview Health System, Inc. (“Parkview”), $800,000 for alleged violations of the Health Insurance Portability and...more

Health Data Breach Victims Have Standing to Sue Says WV Supreme Court

The most common defense against class actions for data breach has itself been breached in a ruling last week by the West Virginia Supreme Court....more

Reporting Child Abuse

Most health care providers believe they understand their duty to report child abuse, but... There are a number of overlapping and apparently conflicting public policy objectives and the legal requirements can get...more

Health Update - Feb 25, 2014

Integrating Physical and Behavioral Health: Strategies for Overcoming Legal Barriers to Health Information Exchange - A growing number of Medicaid officials believe that coordinating care across the physical and...more

FTC and Accretive Health Settle Unfair Business Practice Complaint Centered on Data Security Measures

Accretive Health recently agreed to settle a Federal Trade Commission (FTC) complaint that stems from a July, 2011 incident in which an Accretive employee’s laptop was stolen from his car. As a medical billing and revenue...more

Recent HIPAA Settlement Highlights Danger of Failure to Perform Security Risk Assessments, Implement HIPAA Policies and Train...

A recent Health Insurance Portability and Accountability Act ("HIPAA") settlement, which is notable as the first HIPAA settlement with a covered entity for failure to have policies and procedures in place to comply with...more

Privacy Class Action – Theories of Liability – 2013 Year in Review

One hot area of data privacy litigation over the past several years has been data breach class actions brought under the California Confidentiality of Medical Information Act (“CMIA”), which provides that a person may recover...more

Health Law Blog: HIPAA Update: Don't Forget Your Photocopiers

Affinity Health Plan has agreed to pay more than $1.2 million to settle potential violations of the HIPAA Privacy and Security Regulations....more

Seven-Figure HIPAA Settlement Prompted by Photocopier Breach

The Office for Civil Rights’ (OCR) latest seven-figure fine for HIPAA violations resulted from a failure to remove protected health information or “PHI” from the hard drive of a leased photocopier. The $1,215,780 settlement...more

Privacy Monday – July 22, 2013

Privacy gaffes and tidbits to start your week. Keeping up with Kardashians is NOT a defense under HIPAA - The LA Times recently reported the firing of six workers at Cedars-Sinai Medical Center in connection...more

HIPAA and the Omnibus Rule: How to Assess Whether and What your Company Must Do to Comply

A key amendment to the Health Insurance Portability and Accountability Act (“HIPAA”) called the “Omnibus Rule” took effect on March 26, 2013. The Omnibus Rule impacts both companies that directly collect protected health...more

Keeping Up With the Kardashians Is NOT a Defense Under HIPAA

The LA Times recently reported the firing of six workers at Cedars-Sinai Medical Center in connection with the unauthorized access to patient medical records. The firings occurred in the days following the birth of reality...more

Florida Medical Record Disclosure Law Preempted by HIPAA

The U.S. Court of Appeals for the 11th Circuit recently ruled that a Florida law requiring nursing homes to disclose patient records of deceased patients was preempted by the Health Insurance Portability and Accountability...more

Federal Appeals Court Sides With HIPAA Over Florida Law in "Catch 22" Case Over the Release of Deceased Patient Records by Nursing...

As we first reported in December 2011, it's a common scenario: A Florida nursing home resident dies, and his or her spouse, surrogate, proxy, or attorney requests the resident's medical records. However, if the nursing home...more

HIPAA’s New Rules: Expanding Scope, Clarifying Uncertainties, & Reinforcing Fundamentals

On January 25, 2013, the Secretary for the United States Department of Health and Human Services, Office for Civil Rights (the “Department”) officially published the long-awaited final regulations (the “Final Rule”)...more

35 Results
|
View per page
Page: of 2