Office of Civil Rights

News & Analysis as of

Blog: GAO Criticizes HHS In Health Information Cybersecurity Report

On Monday, the Government Accountability Office (“GAO”) released a report (the “Report”) criticizing the U.S. Department of Health and Human Services (“HHS”) security and privacy guidance and oversight in protecting...more

Small-Breach Focus Shows Growing Scope Of HIPAA Probes

Flexing yet more enforcement muscle under the Health Insurance Portability and Accountability Act, on Aug. 18, 2016, the U.S. Department of Health and Human Services Office for Civil Rights announced that it will more widely...more

Outdated Business Associate Agreement Leads to Another Six-Figure HIPAA Settlement

On September 23, 2016, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Care New England Health System (CNEHS) agreed to pay $400,000 and enter into a corrective action plan...more

Healthcare Data Breach Enforcements and Fines At A Glance

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

Taking Measure of HIPAA Enforcement

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

Seattle’s New Secure Scheduling Ordinance

The Seattle City Council unanimously passed the Secure Scheduling Ordinance (Ordinance) on September 19, 2016. The Ordinance imposes new requirements on certain employers in the retail and food services industries for their...more

Seattle City Council Approves Secure Scheduling Ordinance

As widely anticipated, on September 19, 2016, the Seattle City Council passed the Secure Scheduling Ordinance (SSO), CB 118765, by a unanimous vote. The SSO mandates that large retail and food service employers provide two...more

Second Circuit Holds IDEA Eligibility Does Not Automatically Result in Section 504/ADA Eligibility; Practical Implications Are Not...

The Second Circuit held that the parents failed to establish their claim “[b]ecause, as a matter of law, an IDEA disability does not necessarily constitute a disability under the ADA for Section 504.” Id. The court...more

A Deeper Dive: Employers Receiving Federal Funding May Be Subject to ACA’s Nondiscrimination Rule and Need to Cover Transgender...

In recent months, we have written a fair amount about providing transgender benefits in light of the nondiscrimination provisions of the Affordable Care Act. Our blogs of March 30, 2016 and June 22, 2016 highlight the key...more

September Privacy and Security Updates

Although National Cyber Security Month isn’t until October, September has brought plenty of privacy and security updates that health care companies need to be aware of. In this post, we review guidance from the Office for...more

Don’t Ignore Ransomware Vulnerabilities; You Could Be Violating FTC Act

Last week, the Federal Trade Commission convened a ransomware workshop to discuss the rising epidemic of attacks against U.S. businesses and individuals. In a ransomware attack, a malicious actor tricks a user into...more

OCR Continues to Strengthen HIPAA Enforcement Efforts

The United States Department of Health and Human Services Office for Civil Rights ("OCR") sent a strong HIPAA enforcement message this summer, entering four resolution agreements, including the highest financial settlement to...more

Business Associates Beware! OCR Means Business

In June 2016, OCR entered into its first settlement agreement with a business associate, Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), for potential violations of the HIPAA Laws by failing to...more

OCR Sets Sights on Smaller HIPAA Breaches

Covered entities and business associates can expect increased scrutiny for breaches of unsecured protected health information affecting fewer than 500 individuals. Starting August 2016, the U.S. Department of Health and Human...more

Orleans Medical Clinic Notifies 6,890 Patients of Data Breach

Orleans Medical Clinic (Orleans) in Indiana has notified the Office for Civil Rights that the protected health information of 6,890 patients was compromised as a result of an upgrade to its server. Orleans is in the process...more

OCR Announces Initiative to Amplify Investigations of Breaches Affecting Fewer than 500 Individuals

Taking another step toward more aggressive enforcement under the Health Insurance Portability and Accountability Act (“HIPAA”), on August 18, 2016, the U.S. Department of Health & Human Services (“HHS”) Office for Civil...more

Scandals, Investigations, and Media Scrutiny – The Need for Proactive Policies and Procedures in Athletics Departments

With the college football season set to kick off, most attention will turn to wins and losses rather than the off-field issues that place universities and athletic departments in the media spotlight. However, with the...more

HHS OCR Offers New Materials for Covered Entities to Promote Compliance with the Affordable Care Act’s Nondiscrimination...

Hospitals, health clinics, health insurance issuers, State Medicaid agencies, community health centers, physician practices, home health care agencies and certain other health care and coverage providers are now subject to...more

HHS Issues Final Rule on the ACA's Anti-Discrimination Provisions

On May 18, 2016, the Department of Health and Human Services (HHS) issued a final rule (the Rule) implementing the prohibition on discrimination under Section 1557 of the Affordable Care Act (ACA). Section 1557 prohibits...more

Corporate Investigations and White Collar Defense - August 2016

Spotlight on the False Claims Act - Why it matters: This month, we review a recent Ninth Circuit case that allowed a qui tam relator’s action against various Medicare Advantage organizations to proceed, holding that the...more

OCR: No privacy breach is too small

The Office for Civil Rights (OCR) HIPAA enforcement efforts are continuing to increase. This year, the OCR has already announced 10 HIPAA enforcement actions involving fines, which is a 67 percent increase from last year and...more

HIPAA Breaches: Size Doesn't Necessarily Matter

The U.S. Department of Health and Human Services Office of Civil Rights (OCR) made headlines this month with a record $5.55 million HIPAA settlement reached with Advocate Health Care System, Illinois’ largest health care...more

No HIPAA Hall Pass for Business Associates and Small Breaches

Phase 2 Audits of Business Associates: The Department of Health and Human Services, Office for Civil Rights (OCR) is in the process of conducting its phase 2 audits of Covered Entities and Business Associates. “Covered...more

Healthcare Compliance: Juggling Risk Mitigation Strategies

Healthcare organizations – ranging from physician practice groups to large, multi-state hospital systems – face a variety of risks, including fraud and abuse, as well as HIPAA privacy issues. Starting from a baseline risk...more

Corporate E-Note - August 2016

In a “Table of Experts” series published on July 15, 2016 by the Birmingham Business Journal, Ed Christian provides his insight into a series of questions related to mergers and acquisitions. Please see full E-note below...more

706 Results
|
View per page
Page: of 29
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×