Protected Health Information

News & Analysis as of

Blog: HIPAA FAQ Series: Does HIPAA Permit Communications via E-mail with PHI Subjects?

Last week, we introduced a new series to this blog that will cover frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). This week, the series continues by delving into a hot...more

OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014

With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities...more

A Look Back: NetDiligence 2014 Cyber Claims Study

The NetDiligence 2014 Cyber Claims Study relies on data voluntarily provided by insurers about amounts paid out on cyber claims occurring from 2011 through 2013. Since the Study only accounts cyber claims reported to larger...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

State Legislatures React To Latest Health Data Breaches By Updating State Data Breach Notification Laws And Encryption...

Recent, large-scale breaches of health information have served to highlight the fact that federal agencies have only rarely assessed penalties against companies as a result of these breaches, while many states do not have...more

Lessons Learned from the Anthem Cyber-Attack and Corresponding “HIPAA Actions”

Anthem Inc. (“Anthem”), the nation's second-largest health insurer, disclosed on Wednesday, February 4, 2015, that it was the victim of a major cyber-attack. According to Anthem, the attack exposed personal information of...more

Monthly Benefits Alert - February 2015

Health & Wellness Plans - Anthem Data Breach Requires Plan Sponsor Attention - On January 29, 2015, Anthem Inc., one of the largest managed health care companies in the country, disclosed that the sensitive...more

US District Court in Texas Finds Plaintiffs Lack Article III Standing in PHI Breach

Beverly Peters v. St. Joseph Services Corporation d/b/a St. Joseph Health Care System was a class action that arose out of a data breach of the defendant-health care service provider. It was alleged in the action that...more

Tapping Into the Big Value of Health Care Big Data

In This Issue: - Executive Summary - Improving Care by Tapping Into the Data Goldmine - Big Opportunities Available in Big Data - Government Programs Supporting the Use of Big Data -...more

“Bring Your Own Device” To Work Programs: Regulatory and Legal Risks and How To Minimize Them

If you’ve ever left your mobile phone on an airplane, in a restaurant, or somewhere other than in your possession, you know it’s frightening enough to think of losing the device itself, which costs a premium, as well as your...more

New Jersey Imposes Unique Encryption Requirements

Effective August 1, 2015, New Jersey will require health insurance carriers authorized to issue health benefit plans in New Jersey to encrypt personal information that they store electronically....more

States Respond to Recent Breaches with Encryption Legislation

In the wake of recent breaches of personally identifiable information (PII) suffered by health insurance companies located in their states, the New Jersey Legislature passed, and the Connecticut General Assembly will consider...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Health Care E-Note - February 2015

In This Issue: - HIPAA Privacy During Emergency Situations - Probationary Medicaid RCOs – How Do Physicians Respond Without Subjecting Themselves to Potential Criminal And Civil Liability? - Big Data...more

Legal Issues to Consider Before Starting Big Data Projects

We read every day about the myriad of purposes for which enterprises are embarking on Big Data projects. Securing C-suite buy in and funding may be a significant endeavor, as is implementing an analytic approach to yield...more

Court Dismisses Data Breach Class Complaint For Lack Of Standing

On February 11, 2015, the U.S. District Court for the Southern District of Texas held that a plaintiff lacked standing to pursue claims for alleged violations of the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq....more

Healthcare Legal News: Volume 5, Number 1

CMS ANNOUNCES NEW RULES THAT MAKE OWNER DOCTORS LIABLE FOR ALL PRACTICE MEDICARE DEBTS - Even after they leave the Practice. CMS announced its final rules on "Medicare Provider Oversight" on December 3, 2014....more

No Harm, No Standing: Texas Federal Court Dismisses Data Breach Class Action

Dismissing a class action based on a data breach, the Southern District of Texas added to the growing number of decisions that find an alleged risk of future identity theft due to a data breach is not an injury that creates...more

How to Mitigate Compliance Risks with BYOD - EndNotes February 2015

I?f you have ever left your mobile phone on an airplane, in a restaurant or somewhere other than in your possession, you know it’s frightening enough to think of losing the device itself, which costs a premium, as well as...more

Latest Update on Anthem Data Breach - Other BCBS Plans May Be Impacted

As a follow-up to its announcement of a massive cyber breach last week, Anthem has updated its “Frequently Asked Questions” for its employer clients, which are posted at www.AnthemFacts.com. The most significant development...more

What the Anthem Cyberattack Means for the Health Care Industry

Unfortunately, account hacks and data breaches are nothing new. Every day, we hear reports of hackers compromising networks and their protected data. When it happens on a massive scale to a powerful player in the health...more

Cybersecurity Attack on Anthem, Inc. Highlights the Cybersecurity Risks for All Companies Handling Electronic Medical Records

Health care providers, insurers and all who handle information on their behalf were put on notice last week that cybersecurity must be a high priority for their organizations. ...more

FAQs by Employers Regarding the Anthem Breach

Do we have any legal obligations under HIPAA? It depends on your contractual relationship with Anthem and whether the group health plan offered by your company is self-insured. If your company’s group health plan is...more

Honored in the Breach: Employer Action Items for an Insurer Data Breach

This morning, Anthem Blue Cross and Blue Shield, one of the largest health insurers in the country, notified its policyholders, members, and business partners that it was recently the target of an external cyber attack that...more

CMS, ONC Update Meaningful Use FAQ, Lay Groundwork for HIT Changes

CMS and the Office of the National Coordinator for Health IT (ONC) announced several policy developments last week relating to electronic health record (EHR) technology issues....more

500 Results
|
View per page
Page: of 20