News & Analysis as of

Patient Confidentiality Breaches

McDermott Will & Emery

Healthcare Regulatory Check-up Newsletter | February 2024 Recap

McDermott Will & Emery on

This issue of McDermott’s Healthcare Regulatory Check-Up highlights regulatory activity for February 2024. We discuss various regulatory developments, including guidance on the use of AI in coverage decisions and texting...more

Health Care Compliance Association (HCCA)

Privacy Briefs: March 2024

Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more

Holland & Hart LLP

To BAA or Not to BAA: Must You Have One?

Holland & Hart LLP on

HIPAA applies to both covered entities (e.g., healthcare providers and health plans) and their business associates. A “business associate” is generally a person or entity that “creates, receives, maintains or transmits”...more

Mintz - Health Care Viewpoints

FTC Personal Health Records Breach Rule Applies to Health App and Connected Device Developers

On September 15, 2021, in response to the “proliferation of apps and connected devices that capture sensitive health data” the Federal Trade Commission (FTC) issued a Policy Statement (the Statement) offering guidance on the...more

Perkins Coie

California Issues New Regulations on Notification Obligations for Medical Information Breaches

Perkins Coie on

Certain California-licensed healthcare facilities are now subject to additional breach reporting obligations pursuant to regulations (Regulations)[1] issued by the California Department of Public Health (Department) on July...more

Dickinson Wright

New Case Law on When a Behavioral Health Professional May Testify as an Acquaintance Witness in a Commitment Proceeding

Dickinson Wright on

On June 23, 2020, the Arizona Court of Appeals issued its opinion concerning In Re: MH2019-004895, vacating the trial court’s order for involuntary treatment because the trial court improperly allowed the patient’s clinical...more

Roetzel & Andress

Possible Employer Vicarious Liability For Employee’s HIPAA Violation Even When Employee Engages In Unauthorized Act

Roetzel & Andress on

Can an employer be held liable for an employee’s HIPAA violation even if the employee engaged in an unauthorized act that was motivated by the employee’s own personal interest? In the recent decision of SoderVick v. Parkview...more

Holland & Knight LLP

Public Information is Still Protected by HIPAA

Holland & Knight LLP on

Allergy Associates of Hartford, P.C., entered into a Resolution Agreement and agreed to pay $125,000 to the U.S. Department of Health and Human Services, Office for Civil Rights (HHS) in order to settle certain Health...more

Poyner Spruill LLP

Smile, You're On Candid Camera

Poyner Spruill LLP on

Recent high-profile stories of family members secretly recording inside skill nursing facilities (SNFs) and then sharing those recordings with the media or trying to use them in court proceedings against providers have...more

Poyner Spruill LLP

OCR and an ALJ send a Clear Message about Importance of Mitigating Risks

Poyner Spruill LLP on

In the latest twist in a case that began last year, an administrative law judge (ALJ) agreed that a $4.3 million penalty, levied by the Office of Civil Rights (OCR) against the MD Anderson Cancer Center as a result of HIPAA...more

Ruder Ware

When Does a HIPAA Breach Exist?

Ruder Ware on

Conducting HIPAA Breach Risk Assessments - The HIPAA rules relating to assessment of potential patient confidentiality breaches were changed in 2013. Specifically, on January 17, 2013, the Office of Civil Rights released...more

Obermayer Rebmann Maxwell & Hippel LLP

Beware of the Man-In-The-Middle: Malicious Eavesdroppers on the Internet

Imagine this: Dr. Primary is treating Patty Patient for substance abuse and emails Patty Patient’s protected health information (PHI) to a treatment clinic. Before the email arrives at the clinic, it is intercepted by a third...more

Mintz - Privacy & Cybersecurity Viewpoints

Practice Fusion and FTC Settle Complaint Over Deceptive Statements About the Privacy of Consumer-Generated Online Content

Last week, the Federal Trade Commission (FTC) announced (press release) that Practice Fusion, the largest cloud-based electronic health company in the United States, has agreed to settle FTC charges over deceptive practices...more

Robinson+Cole Data Privacy + Security Insider

Lab tech indicted for identity theft

A lab tech working at a Las Vegas pediatric cardiology practice has been indicted on one count of illegal use and disclosure of patient health information and one count of aggravated identity theft. The lab tech had...more

Obermayer Rebmann Maxwell & Hippel LLP

Medical Devices a Target for Online Hackers

In the past few years, medical devices have become a major target for online criminals. Not only are medical devices considered to be one of the easiest and most vulnerable points of entry into a health care enterprise, they...more

Parker Poe Adams & Bernstein LLP

Potential Data Breach Could Affect Over 1,000 Medicaid Patients

The confidential health information of 1,615 Medicaid patients may have been compromised by the North Carolina Department of Health and Human Services (NC DHHS) on August 19, 2015, though the fact that this potential breach...more

Davis Wright Tremaine LLP

DWT Releases Latest Health Care Breach Charts

Safeguarding patient information is at the core of responsibilities for health care entities under the Health Insurance Portability and Accountability Act (HIPAA). But safeguarding patient information isn’t just a regulatory...more

Alston & Bird

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

Alston & Bird on

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

Baker Donelson

OIG Pushes OCR to Step Up HIPAA Enforcement

Baker Donelson on

In two recent reports, each with a specific focus, the OIG strongly recommended that the Office for Civil Rights (OCR) step up its HIPAA oversight and enforcement activities. One report assessed the OCR’s oversight of covered...more

Cooley LLP

Blog: HHS To Launch New HIPAA Audits in Early 2016 in Response to OIG Reports

Cooley LLP on

The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports yesterday calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and...more

Cooley LLP

Alert: UCLA Cleared in Lawsuit Alleging Lax Authentication Involving Insider Access to Medical Records

Cooley LLP on

Earlier this month, a California jury found the University of California, Los Angeles Health System (UCLA) not liable for damages that allegedly resulted when a medical office assistant, Alexis Price, improperly accessed and...more

Robinson+Cole Data Privacy + Security Insider

UCLA suffers another data breach

Last week, UCLA notified 1242 patients that their health information may have been compromised in July when a faculty member’s laptop was stolen. UCLA has notified the patients, the Office for Civil Rights and the California...more

Cooley LLP

Blog: Cancer Care Group Reaches Agreement to Settle Alleged HIPAA Violations

Cooley LLP on

Last week, Cancer Care Group, P.C. (CCG), an Indiana radiation oncology practice, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $750,000 and adopting...more

McGuireWoods LLP

UK Patients’ Data Exposed by Group Email

McGuireWoods LLP on

The 56 Dean Street Clinic, which is operated by the Chelsea and Westminster NHS Trust and specializes in HIV and other sexual health services, has apologized for the error which revealed (to all 780 recipients) the full names...more

Obermayer Rebmann Maxwell & Hippel LLP

Physician Group Practice Pays $750,000 for Breach of Unsecured Electronic Protected Health Information on Electronic Device

Cancer Care Group, P.C. (“CCG”), a radiation oncology physician group practice in Indiana, agreed to pay $750,000 for a breach of unsecured electronic protected health information (“ePHI”). CCG will also implement a...more

72 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide