News & Analysis as of

HHS OCR Issues Rule Modifying HIPAA In Effort To Fight Gun Violence

On January 4, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued a rule modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule to expressly...more

Second CMP Assessed for HIPAA Violations: Do You Know Where Your Data Is?

For only the second time in its history, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has imposed a civil money penalty (CMP) on a covered entity for allegedly violating the HIPAA...more

Blog: ALJ Upholds OCR Enforcement Against Lincare, Inc. of $239,800

A U.S. Department of Health and Human Services (HHS) administrative law judge (ALJ) recently sustained an earlier HHS Office of Civil Rights (OCR) decision to impose a civil money penalty (CMP) of $239,800 against Lincare...more

Latest OCR Enforcement Action: Underbed Storage is Not Appropriate for PHI

Recent enforcement actions by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) have highlighted that, not surprisingly, Covered Entities should not leave medical records in a...more

Historic Moment: Husband Reports Wife’s HIPAA Violation Triggering Six Figure Penalty Against Employer

For the second time in history, the Office for Civil Rights (“OCR”) has imposed a civil monetary penalty (“CMP”) against a covered entity for violations of the Health Insurance and Portability Act (“HIPAA”). Lincare, Inc., a...more

2016 HIPAA Audits to Begin: Are you Confident in Your HIPAA Compliance?

Although the Health Insurance Portability and Accountability Act, or “HIPAA,” has been around since 1996, with its implementing regulations first published in the early 2000s, it is definitely not “old news.” In light of...more

If You Provide Behavioral Health Services, Do the New HIPAA Reporting Rules Apply to You?

In early January, the Office for Civil Rights of the United States Department of Health and Human Services (“OCR”) issued new regulations regarding the right of certain HIPAA covered entities to disclose mental health...more

Executive Gun Control Actions Result in HIPAA Modifications

In response to the Obama Administration’s executive actions to reduce gun violence, on January 4, 2016, the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) issued a final rule, which modifies the...more

OCR issues new guidance on individuals’ access to PHI: Is your access policy compliant?

On Jan. 7, 2016, the Office of Civil Rights (OCR) issued new guidance (Guidance) on the right of individuals under the HIPAA Privacy Rule to access their protected health information (PHI). In the Guidance, the OCR indicated...more

WEBINAR: Creating Stable Security and Compliance Relationships Between Health Care Organizations and Vendors

The Omnibus Rule implementing the HITECH Act made several changes to the HIPAA Privacy and Security Rules that profoundly changed the dynamic between health care providers and vendors. In addition, the Breach Notification...more

University of Washington Medical School pays OCR $750,000 for data breach

The Office for Civil Rights (OCR) announced on Monday, December 14, 2014, that it has settled a HIPAA investigation with the University of Washington Medical School involving a data breach in October of 2013....more

Blog: University of Washington Medicine Agrees to Settle Alleged HIPAA Breach

Last week, the University of Washington Medicine (UWM), an affiliated covered entity that includes multiple entities such as the University of Washington Medical Center, agreed to settle alleged violations of the Health...more

Triple-S Management Corporation Will Pay $3.5 Million To Settle Potential HIPAA Violations

On November 30, 2015, the United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced that Triple-S Management Corporation had agreed to pay $3.5 million to settle potential violations of...more

HIPAA and Health Care Data Privacy – 2015 Year in Review

As the year winds down, we look back with a mixture of nostalgia and queasiness on the major Health Insurance Portability and Accountability Act (HIPAA) events that defined 2015. Incredibly large data breaches became...more

Stolen, Unencrypted Laptop Leads to $850,000 Settlement and Comprehensive Corrective Action Plan for Massachusetts Teaching...

The U.S. Department of Health and Human Services, Office of Civil Rights (OCR), has announced a settlement with Lahey Hospital and Medical Center (Lahey) that arose out of a HIPAA breach involving a stolen laptop. The...more

Recent HIPAA settlements emphasize importance of robust compliance program

Two recent HIPAA settlements remind organizations subject to HIPAA of the importance of having a robust HIPAA privacy and security compliance program in place. Most recently, on Nov. 30, 2015, the Office of Civil...more

Triple-S settles HIPAA violations for $3.5M

Triple-S Management Corp., an insurance holding company based in San Juan, Puerto Rico, has agreed to settle an investigation of HIPAA violations by the Office for Civil Rights (OCR) for $3.5 million. According to the OCR...more

Lahey Hospital agrees to pay a whopping $850,000 to OCR for stolen laptop

Just before Thanksgiving, the Office for Civil Rights (OCR) announced that Lahey Hospital and Medical Center (Lahey) has agreed to pay $850,000 in fines and penalties to the OCR and enter into a resolution agreement following...more

Another Day, Another OCR Resolution Agreement – Numerous Repeated Breaches Lead to $3.5 Million Settlement

On the heels of the Lahey Hospital and Medical Center resolution agreement, OCR announced a resolution agreement with Triple-S Management Corporation and its subsidiaries, Triple-S Salud Inc. and Triple-C Inc. (collectively...more

High Cost of HIPAA Violations Demonstrated in $3.5 Million Settlement

Triple-S Management Corporation (“Triple-S”), on behalf of its wholly-owned subsidiaries, Triple-S Salud, Inc., Triple-C, Inc., and Triple-S Advantage, Inc., has agreed to pay $3.5 million as part of a Resolution Agreement...more

OCR Continues Waving Its HIPAA Enforcement Flag: Don’t Forget About Medical Devices

The day before Thanksgiving, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the largest resolution agreement of 2015, against Lahey Hospital and Medical Center (Lahey). The...more

Privacy and Security: Highlights from the HHS Inspector General’s 2016 Work Plan

On November 2, 2015, the Office of Inspector General (OIG) for the Department of Health and Human Services (HHS) announced its Work Plan for Fiscal Year 2016 (2016 Work Plan), which describes the OIG’s investigative focus for...more

OCR HIPAA Phase 2 Audits Coming Soon. Be Prepared.

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that the agency expects to begin Phase 2 Audits in early 2016. OCR intends to conduct desk audits and on-site audits of covered...more

New HIPAA Audit Program Expected in 2016

The U.S. Department of Health and Human Services’ Office of Inspector General (OIG) recently issued a report reviewing the HIPAA audit program that is administered by the Office of Civil Rights (OCR). The OCR is responsible...more

HHS Office of Inspector General Calls for Increased Oversight and Enforcement of HIPAA

On September 29, 2015, the U.S. Department of Health & Human Services Office of the Inspector General (OIG), Office of Evaluation and Inspections, released two studies calling on the HHS Office for Civil Rights (OCR) to...more

299 Results
|
View per page
Page: of 12

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×