News & Analysis as of

Office of Civil Rights Dept. of Health and Human Services

Small Healthcare Provider Pays $31,000 for Failing to Have a Business Associate Agreement With File Storage Vendor

by Jackson Lewis P.C. on

Disclosing protected health information (PHI) to a business associate without a compliant business associate agreement (BAA) is an improper disclosure under the HIPAA privacy and security regulations. According to the HHS...more

Phishing Incident Leads to $400,000 HIPAA Settlement

by Saul Ewing LLP on

?On April 12, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Metro Community Provider Network (MCPN) agreed to pay HHS $400,000 to settle alleged HIPAA Security Rule...more

AGG Food and Drug Newsletter - April 2017

by Arnall Golden Gregory LLP on

Arnall Golden Gregory LLP's Food and Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community, including regular updates on legislative initiatives from AGG’s Washington, DC...more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

New HHS OCR Director Appointed – A Change in Course for HIPAA Enforcement?

by Arnall Golden Gregory LLP on

In late March, Roger Severino was appointed to be the new Director of the Department of Health and Human Services Office of Civil Rights (HHS OCR), the office responsible for enforcing the Health Insurance Portability and...more

Recent HIPAA Privacy and Security Settlements and Lessons Learned

by Perkins Coie on

Although the fate of the Affordable Care Act remains undecided, enforcement of the HIPAA privacy and security regulations by the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services is ongoing,...more

OCR Identifies Continuing HIPAA Enforcement Issues, Areas of Future Guidance and Regulations

Last week the Health Care Compliance Association hosted its annual “Compliance Institute.” Iliana Peters, HHS Office for Civil Rights’ Senior Advisor for HIPAA Compliance and Enforcement, provided a thorough update of HIPAA...more

HHS Expected to Release Significant HIPAA Privacy Guidance This Year; Compliance Audits Proceed; Guide on Compliance Program...

by WilmerHale on

HIPAA privacy guidance, audits, and enforcement are continuing under the new Administration. On March 27, 2017, Iliana Peters, Senior Adviser for HIPAA Compliance and Enforcement at the US Department of Health and...more

Hey Dentists: No Business Associate Agreement, No Problem

by Ruder Ware on

According to the U.S. Health and Human Services Office for Civil Rights (OCR), dental practices are not required to have a business associate agreement with their dental laboratory before sharing protected health...more

DWT Releases Latest Health Care Breach Charts

by Davis Wright Tremaine LLP on

Following the HITECH Act, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued regulations requiring HIPAA covered entities to provide certain notifications for breaches of unsecured...more

OCR Releases Guidance on Reporting and Monitoring Cyber Threats

Last week, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released new guidance on reporting and monitoring cyber threats. The guidance urges covered entities and business associates to...more

$3.2M Fine for Failure to Protect Electronic Records

by Jackson Lewis P.C. on

The Department of Health and Human Services Office of Civil Rights (“OCR”) fined a Texas hospital $3.2 million for its impermissible disclosure of unsecured electronic protected health information (ePHI) and non-compliance...more

Lessons Gleaned From Recent HIPAA Settlements: An Ounce of Prevention is Worth a Pound of Cure: How Recent OCR Enforcement...

by McGuireWoods LLP on

HIPAA enforcement has been on the rise during the last several years, and the dollar impact of those settlements has continued to grow significantly. The Department of Health and Human Services, Office of Civil Rights (OCR)...more

$5.5 Million HIPAA Settlement Underscores Importance of Audit Controls

On February 16, 2017, the HHS Office for Civil Rights (OCR) disclosed a $5.5 million settlement with Memorial Healthcare Systems (MHS) for HIPAA violations affecting the protected health information (PHI) of 115,143...more

$5.5 Million HIPAA Settlement Matches Largest Payment To-Date

by Saul Ewing LLP on

On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more

Want to Know Why Memorial Healthcare Systems Is Paying HHS OCR $5.5 Million?

On February 16, 2017, HHS OCR announced that Memorial Healthcare Systems (MHS) had paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of HIPAA’s Privacy and Security Rules...more

HIPAA Enforcement Update (October 2016 – January 2017)

by Locke Lord LLP on

Since October 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced four settlement agreements to resolve allegations of Health Insurance Portability and Accountability Act (HIPAA)...more

HIPAA Small Breach Notification Due March 1: “In Like a Lion, Out Like a Lamb” if You Submit Timely

by Davis Wright Tremaine LLP on

March 1, 2017 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more

Hospital pays $3.2M Resulting from HIPAA Security Rule Noncompliance

by Saul Ewing LLP on

In one of the last health care related acts of President Obama’s administration, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), imposed a multimillion-dollar HIPAA civil money penalty (CMP)...more

Lack of Timely Action and Knowledge of Risk Results in $3.2 Million Civil Monetary Penalty for HIPAA Violations

Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more

HHS Reaches $2.2 Million Settlement With Life Insurance Company For Impermissible Disclosure Of ePHI

by King & Spalding on

On January 18, the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS OCR”) announced that it had agreed to a $2.2 million settlement with MAPFRE Life Assurance Company of Puerto Rico (“MAPFRE Life”),...more

Key HIPAA Settlement Agreements by HHS’s Office for Civil Rights in 2015 & 2016

by LeClairRyan on

The last time this blog presented an overview of key HIPAA settlement agreements at the Office for Civil Rights in the U.S. Department of Health and Human Services was a review of 2014. The number of complaints that year had...more

What Did They Say About Cybersecurity in 2016? 8 Proclamations from Regulators and the Courts

by Orrick - Trust Anchor on

There is no such thing as compliance with the NIST Cybersecurity Framework (FTC). In September, the FTC dispelled a commonly held misconception regarding the NIST Framework: It “is not, and isn’t intended to be, a standard or...more

Tracking the Data Bandits

by Poyner Spruill LLP on

In the iconic western, Butch Cassidy and the Sundance Kid, Butch and Sundance are hard pressed to evade a posse led by the semi-mythical lawman, Joe Lefors, who is so adept that he manages to track them across solid rock. The...more

AGG Food and Drug Newsletter - January 2017

by Arnall Golden Gregory LLP on

Arnall Golden Gregory LLP's Food and Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community, including regular updates on legislative initiatives from AGG’s Washington, DC...more

370 Results
|
View per page
Page: of 15
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!