News & Analysis as of

More Data Vulnerabilities, Cyber Breaches Detected in Healthcare Exchanges

Government audits continue to reveal that millions of people’s personally identifiable information is at risk. Continuous audit reports by the Office of the Inspector General (OIG) of The Department of Health and Human...more

EEOC Grapples with Proposed Rule Comments on Wellness Program; Additional Guidance Expected Soon

As we previously reported, the Equal Employment Opportunity Commission (EEOC) released Proposed Rules on April 16, 2015 to provide guidance under the Americans with Disabilities Act (ADA) on permissible employer incentives...more

Insurance Recovery Law - September 2015

Exception to Mold Exclusion Requires Defense of Suit Alleging Injuries From Moldy Water - Why it matters: An exclusion for "Fungi or Bacteria" did not prevent a federal court judge in Tennessee from ordering an insurer...more

Responding to Subpoenas and Other Requests for Personal Health Information: Take Them at Face Value

Healthcare providers and other HIPAA covered entities receive requests for protected health information (“PHI”) from a variety of sources on a daily basis. Such requests can range from informal requests made during the course...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

EEOC Issues Proposed Wellness Programs Rules under the ADA – Is Your Employer-Sponsored Wellness Program “Voluntary”?

Wellness programs are becoming more popular among employers as a way to promote healthy lifestyles for their employees. Most employers are aware that their wellness programs must comply with the nondiscrimination rules under...more

Kentucky Federal Court Sustains Hospital Insurer’s Denial of Claim Due to Untimely Notice, Declines to Require Insurer Show...

The U.S. District Court for the Eastern District of Kentucky recently held that an insurer properly denied coverage to a hospital because the hospital gave untimely notice of the claim. In Ashland Hospital Corporation v. RLI...more

EEOC Issues Notice of Proposed Rulemaking on Interplay Between ADA and Employee Wellness Programs

Despite existing guidance available to employers under the Affordable Care Act (“ACA”) and the Health Insurance Portability and Accountability Act (“HIPAA”), employers have long faced uncertainty about the legality of their...more

Massive Data Breach Affects 4.5 Million Patients in 29 States

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more

Kentucky’s New Breach Notification Legislation

Data breaches, whether big or small, can leave customers exposed to fraudulent activity. You may recall that in January 2014, Target reported that an estimated 70 to 110 million of its customers had personal information...more

OCR Announces the Results from it's Pilot Audit and it's Plans For Next Year

The Office of Civil Rights Audit Pilot Program has come to an end with 115 audits, primarily in person, having been completed. The Pilot Program had multiple revelations in privacy, some of which were probably, not so...more

Improve Compliance Of Retirement And Group Health Plans In 2014

Retirement plan fiduciaries should consider the following best practices to improve their plan’s governance in 2014: (i) if fiduciary duties have been delegated, make certain that the delegations are in writing and are being...more

Florida's New Med-Mal Law Is Pre-Empted By HIPAA And Is Voided By Federal Judge

A new part of Florida's medical malpractice law has been voided by a federal judge on the grounds that it is pre-empted by HIPAA. The law, passed during the 2013 legislative session and effective only on July 1 2013,...more

HHS Issues Model Privacy Notices: The Good, the Bad, and the Ugly

Just in time for the September 23, 2013, deadline for compliance with the HIPAA Omnibus Rule, the U.S. Department of Health and Human Services (“HHS”) issued a set of model notices of privacy practices for health care...more

OCR Releases Model Notices of Privacy Practices

Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

It's Never Too Late To Give Guidance: OCR Starts Releasing HIPAA Omnibus Rule Guidance In Anticipation Of September 23 Compliance...

This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more

Privacy Monday – September 23, 2013: Today Is HIPAA Compliance Day – 5 Things That You Should Have Done

Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule. In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape. Here...more

OCR Publishes Model Notice of Privacy Practices

With the September 23, 2013 compliance date for the HIPAA Omnibus Rule only one week away, the Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have developed...more

Privacy Monday – September 16, 2013

Dis-Like! Senator Markey Urges the FTC to Investigate Facebook’s New Policies - As we previously reported, Facebook has proposed a number of revisions to its Data Use Policy and Statement of Rights and...more

Countdown to HITECH Compliance: How to Redistribute Your Notice of Privacy Practices

September 23, 2013 is the fast-approaching compliance deadline for the final omnibus HIPAA/HITECH rules. Many provisions required revisions to Notices of Privacy Practices (NPPs) maintained and distributed by covered...more

Sponsors Of Group Health Plans Must Take Action To Comply With The Upcoming September 23, 2013 HIPAA Compliance Deadline

In January 2013, the U.S. Department of Health and Human Services (HHS) released final regulations which revised existing regulations under the Health Insurance Portability and Accountability Act (HIPAA). ...more

Breach Notification: New Rules!

If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more

The ERISA Litigation Newsletter - June 2013

Our articles this month focus on health care reform. First, Jim Napoli and Brian Neulander comment on the potential for litigation under the Affordable Care Act's (ACA's) whistleblower protections and ERISA Section 510 as a...more

More To Do’s to Add to Your 2013 Health Plan Compliance Calendar – Don’t Forget About HIPAA/HITECH

For much of 2013, group health plan sponsors have been gearing up for the compliance challenges associated with the Affordable Care Act. There is no doubt that much of the planning, focus and energy trained on the next round...more

91 Results
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.