Protected Health Information

News & Analysis as of

HIPAA Omnibus Rule: Deadline Approaching to Update Grandfathered Business Associate Agreements

Although the HIPAA Omnibus Rule (the “Rule”) went into effect nearly 18 months ago, the transition period for bringing business associate agreements into compliance with the Rule’s new requirements will end on September 23,...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Healthcare Legal News: Volume 4, Number 3 - Special Issue: HIPAA Update

Recent Trends in HIPAA Liability - Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including...more

September 22, 2014 – HIPAA Compliance Deadline for Business Associate Agreements Is Just Around the Corner

All business associate agreements (“BAAs”) must be updated and compliant with current Health Insurance Accountability and Portability Act (“HIPAA”) regulations by September 22, 2014. Failure to meet this deadline could result...more

A New Sheriff in Town: Federal Trade Commission Enforcement of Medical Information Security

A recent court decision found that the Federal Trade Commission (FTC) has authority to enforce the requirements for security of Protected Health Information, or PHI, as defined under the Health Information Portability and...more

Employee Taking Protected HIPAA Information Not Protected Under ADEA

The Health Insurance Portability and Accountability Act (HIPAA) requires health care providers and other businesses to protect the confidentiality of certain patient information. Last month in an unpublished decision, the...more

HIPAA Breaches: What They Are and What You Can Do to Protect Your Clients

45 CFR §§ 164.400-414– otherwise known as the HIPAA Breach Notification Rule– requires all entities and businesses covered by HIPAA to disclose any breaches of unsecured protected health information (PHI). In order to protect...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

Wearable Fitness Device Privacy Concerns Abound

How would you feel if businesses or individuals had access to your medical records? There is no question that advertisers, businesses, and even overly-clingy significant others would love to have access to your private...more

Final Guidance on 2014 Certified EHR Technology Requirements and Implementation of Stage 3 Meaningful Use Requirements

On September 4, 2014, the Centers for Medicare & Medicaid Services (“CMS”) and the Office of the National Coordinator for Health Information Technology (“ONC”) issued a final rule (the “Final Rule”) that adopts, without...more

News from the Health Law Gurus™

News from the Health Law Gurus™ is a weekly summary of notable health law news from around the country with helpful links to related content. Check back every week for the latest health law news stories....more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Business Associate Agreements May Require Amendment

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

Health Alert (Australia) - Week of August 25, 2014

In This Issue: Judgments; Legislation; and Reports. Excerpt from Reports: Australia. Department of Health & Ageing Media releases - 20 August 2014 - New Centre to Deliver More Health...more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

News from the Health Law Gurus™

Chinese Hackers Infiltrate Health System Network Affecting 4.5 Million Individuals – Community Health Systems, Inc. (“CHS”) reported this week that the information of approximately 4.5 million individuals has been affected by...more

FBI Warning to Health Care Sector Holds True

In April of this year, the FBI issued a Private Industry Notification (PIN) to the health care industry warning of the “likely increase [in] cyber intrusions against health care systems.” In the same month, and into June of...more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

Massive Data Breach Affects 4.5 Million Patients in 29 States

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more

Class Action Plaintiffs Look to Fair Credit Reporting Act for Private Relief from Data Breaches Involving Health Information

A recent class action brought against the University of Miami (“University”) previews what could become an emerging trend among plaintiffs’ class action attorneys to seek damages for the unauthorized disclosure of personal...more

Hospital Operator Reports 4.5 Million Patients’ Data Stolen in Cyberattack

The Tennessee-based acute-care hospital chain Community Health Systems, Inc. (CHS), reported on August 18 that information on approximately 4.5 million patients was stolen from the company. CHS is one of the largest hospital...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

EEOC Sues Employer for Requiring Medical Details as Part of Sick Leave Approval

Employers that provide paid sick leave benefits often require doctors’ notes confirming the employee’s need to be out of work. Last month, the Equal Employment Opportunity Commission filed suit against a Pennsylvania employer...more

393 Results
|
View per page
Page: of 16