News & Analysis as of

Penalties Covered Entities

King & Spalding

Maryland Online Data Privacy Act

King & Spalding on

On May 9, 2024, Maryland Governor Wes Moore signed the Maryland Online Data Privacy Act of 2024 (“MODPA”) into law. This makes Maryland the fifth state this year and eighteenth state in total to adopt comprehensive data...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

The EU’s NIS2 Directive: Covered Entities, Compliance Monitoring, Risk Management, Incident Reporting, and Penalties

In response to the increasing number of cyberattacks and the acceleration of digital transformation across sectors, the European Union has revised and improved its Network and Information Security (NIS) Directive. The...more

Holland & Hart LLP

Avoiding HIPAA Penalties: A Checklist for Covered Entities

Holland & Hart LLP on

The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more

Mintz - Privacy & Cybersecurity Viewpoints

Maryland Says “Don’t Mess with Kids”

As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more

Holland & Hart LLP

Business Associate Agreements: Requirements and Suggestions

Holland & Hart LLP on

The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more

Moore & Van Allen PLLC

Texas Passes a Comprehensive Privacy Law

In June, Texas became the tenth state with a comprehensive privacy law. The Texas Data Privacy and Security Act (“TDPSA”) contains familiar provisions from other state privacy laws regulating the collection, use, processing,...more

Perkins Coie

New York City Adopts Final Rules for Law Governing Automated Employment Decision Tools

Perkins Coie on

The New York City Department of Consumer and Worker Protection (DCWP) adopted final rules for Local Law 144 on April 6, 2023. This landmark law prohibits employers from using automated employment decision tools (AEDTs) to...more

Steptoe & Johnson PLLC

OCR Waives HIPAA Penalties Against Providers Using Electronic COVID-19 Vaccine Scheduling

On February 24, 2021, the Office for Civil Rights at the U.S. Department of Health and Human Services (“OCR”) announced that it will not impose penalties against covered entities or their business associates that use online...more

Bass, Berry & Sims PLC

Perfection Not Required: Fifth Circuit Vacates HHS OCR $4.3 Million Penalty for Potential Data Breach Case

Bass, Berry & Sims PLC on

On January 14, the Fifth Circuit vacated the University of Texas M.D. Anderson Cancer Center’s (M.D. Anderson) $4.3 million fine for HIPAA violations arising from its loss of more than 35,000 individuals’ protected health...more

WilmerHale

Congress Passes Bill to Mitigate Penalties for Potential HIPAA Violations

WilmerHale on

On December 19, the Senate passed H.R.7898, which the House of Representatives had previously passed on December 9. This law amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require...more

Baker Donelson

Physicians, Think Before You Yelp??

Baker Donelson on

Health care providers should take heed of the $10,000 settlement announced on October 2, 2019 between the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR) and a small dental practice based on...more

Holland & Hart - Health Law Blog

Encrypt Your Devices or Face HIPAA Penalties

This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more

Holland & Hart - Health Law Blog

HHS Reduces the Annual Cap for Most HIPAA Penalties

HIPAA penalties vary depending on the type of conduct involved. (45 CFR § 160.404). Under HHS’s prior interpretation, the types of violations were all subject to an annual maximum penalty of $1,500,000 for identical types of...more

Davis Wright Tremaine LLP

HHS Reinterprets (and Significantly Lowers) Annual Penalty Caps for HIPAA Violations

The Department of Health and Human Services Office for Civil Rights (OCR) today announced that it is lowering the maximum total penalties it may assess against covered entities and business associates for multiple violations...more

Snell & Wilmer

2017 HIPAA Enforcement – Appears Not To Be Slowing Down

Snell & Wilmer on

To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts. However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of...more

Winstead PC

New ADA and GINA Wellness Regulation Changes Complicate Wellness Program Compliance Analysis and Risks

Winstead PC on

Wellness programs should all be reviewed considering the Americans with Disabilities Act (“ADA”) and the Genetic Information Nondiscrimination Act (“GINA”) regulatory changes because noncompliance with the new requirements do...more

Alston & Bird

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

Alston & Bird on

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

Snell & Wilmer

HHS Publishes Long-Awaited Final Omnibus Rules for HIPAA

Snell & Wilmer on

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more

Mintz - Privacy & Cybersecurity Viewpoints

HITECH Omnibus Rule Basics

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

BakerHostetler

The HIPAA/HITECH Final Rule Has Been Released

BakerHostetler on

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

20 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide