News & Analysis as of

Latest HIPAA Settlement: Compliance is an Ongoing Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more

$150,000 HIPAA Settlement Following Breach of Unsecured PHI Due To Malware

The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced on December 8, 2014 that a community behavioral health organization agreed to pay $150,000 and adopt a corrective action plan to...more

Malware Incident at Mental Health Nonprofit Leads to $150K Settlement with OCR

As cyberattacks targeting the healthcare industry continue to escalate, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has published its first-ever resolution agreement stemming from an...more

Failure to Follow HIPAA Policies Results in $150,000 Liability and Corrective Action Plan

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS-OCR) has recently released information about another HIPAA settlement, emphasizing yet again the government's focus on the Health Insurance...more

HIPAA Settlement Continues to Emphasize the Importance of Security Policies and Procedures

A recently announced settlement between Anchorage Community Mental Health (“ACMHS”) and the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”) emphasizes, once again, the importance of compliance with...more

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

HHS Announces $800,000 HIPAA Settlement in Medical Records “Dumping” Case

On June 23, 2014, The Department of Health and Human Services (HHS) entered into an $800,000 settlement with Parkview Health System, Inc. (“Parkview”), a nonprofit community health system servicing northeastern Indiana and...more

Privacy Wednesday

What’s that old saying … “a day late and a dollar short?” Here is our Privacy Monday roundup … on Wednesday. Office for Civil Rights HIPAA Crackdown? The Office for Civil Rights (OCR) — the enforcement arm of...more

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

To Encrypt or Not to Encrypt—A $2 Million Question with a Simple Answer, HHS Says

The Department of Health and Human Services (“HHS”) just announced a pair of settlements arising out of the theft of two laptops containing protected health information (“PHI”). Two entities, Concentra Health Services...more

OCR Settles Potential HIPAA Violations with County Government for $215,000

To start 2014, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first resolution agreement of the year and its first settlement with a county government – signaling that even local...more

Settlement Emphasizes the Need for HIPAA Risk Management

A HIPAA violation involving a health plan’s failure to erase protected health information from photocopier hard drives has resulted in a $1.2 million settlement. Your risk can be significantly reduced if you adopt and...more

Health plan pays for failing to erase data on leased equipment: two takeaways for companies handling electronic PHI

The Office for Civil Rights (OCR) has announced a settlement between the US Department of Health and Human Services and Affinity Health Plan, Inc. to address potential violations of the Health Insurance Portability and...more

HIPAA security violations result in $1.7 million settlement

On July 8, 2013, WellPoint, Inc., a managed care company (“WellPoint”), agreed to pay a $1.7 million fine to settle a self-reported breach of HIPAA, a key federal health privacy law, that led to the unauthorized disclosure of...more

WellPoint agrees to pay $1.7M in HIPAA penalties: what this tells you

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced that WellPoint, Inc. agreed to pay $1.7 million to settle potential violations of the Health Insurance Portability and...more

Is Your Firewall On? Are You Sure? Idaho State University Settles Privacy Rule Violations for $400,000

The HHS Office of Civil Rights (OCR) recently announced a $400,000 settlement with Idaho State University (ISU) following a lengthy investigation of the privacy and security practices at ISU outpatient clinics. In addition to...more

OCR Settles with Shasta Regional Medical Center for $275,000

The HHS Office of Civil Rights (OCR) recently announced a $275,000 settlement with Shasta Regional Medical Center (SRMC) on the heels of an investigation triggered by a Los Angeles Times article indicating that senior...more

Under HIPAA, You Have the Right to Remain Silent

Last week a regional California medical center entered a $275,000 settlement for disclosing patient information to the media, spotlighting HIPAA’s tight reign over covered health providers even when they try to defend their...more

HHS Reaches $400,000 Settlement Of Alleged HIPAA Security Rule Violations For Disabling Firewall Protections

The U.S. Department of Health and Human Services (HHS) has reported a $400,000 settlement with Idaho State University (ISU) for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

U.S. Department of Health and Human Services Announces First HIPAA Breach Settlement Involving Fewer than 500 Patients

On January 2, 2013, the U.S. Department of Health and Human Services ("HHS") settled its first case involving the unauthorized disclosure of the electronic protected health information ("ePHI") of fewer than 500 individuals....more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

Health Law Alert: Deficient Data Security On Mobile Devices Leads To First HIPAA Breach Settlement Involving Less Than 500...

On January 2, 2013, the U.S Department of Health and Human Services, Office of Civil Rights (OCR) announced its first HIPAA breach settlement involving less than 500 patients. OCR took action against a hospice provider in...more

First HHS OCR Settlement for HIPAA Breach Involving Less Than 500 Patients Sends Message to Providers

On January 2, 2013, HHS announced that the Hospice of North Idaho (HONI) agreed to pay $50,000 and enter into a Corrective Action Plan (CAP) as part of a settlement involving a breach of unsecured electronic protected health...more

Health Law Update — January 10, 2013

In This Issue: - Healthcare Provisions in the American Taxpayer Relief Act - the Good, the Bad and the Ugly - American Taxpayer Relief Act Amends Overpayment Recovery Time Limits - OIG Advisory Opinion Sheds...more

31 Results
|
View per page
Page: of 2