Protected Health Information

News & Analysis as of

Class Certification Improper in Data Breach Case, PA Appellate Court Finds

The Pennsylvania Superior Court has affirmed a trial court's decision denying class certification in a data breach case against two health plans, reversing its own earlier ruling in the same case that the plaintiff did not...more

Facebook, Healthcare Provider Websites and HIPAA

In a class action Complaint filed in the Northern District of California on March 15, 2016, Kiesel Law LLP, on behalf of primary plaintiff Winston Smith and a potential class of others, alleges that Facebook received...more

Phase 2 of the OCR HIPAA Audit Program Already Underway

On March 21, 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced the launch of the long-awaited Phase 2 HIPAA Audit Program (Phase 2), and OCR activities related to Phase 2 are already...more

Maintaining Patient Privacy In The Digital Age

Those in the heavily regulated healthcare industry know that patient information is sacrosanct. And for good reason; improper handling can result in hefty fines or criminal prosecution under the Health Insurance Portability...more

Policyholder Takeaways From Portal

In a solid victory for policyholders, the Fourth Circuit upheld coverage last week for a potential data breach incident involving confidential medical records. The case is The Travelers Indemnity Co. of America v. Portal...more

Fourth Circuit Finds CGL Insurer Has Duty to Defend Cyber Claim

In Travelers Indem. Co. of Am. v. Portal Healthcare Solutions, L.L.C., 2016 U.S. App. Lexis 6554, decided on April 11, 2016, the United States Court of Appeals for the Fourth Circuit found that a commercial general liability...more

Raleigh Orthopedic Clinic settles with OCR for $750,000 for lack of business associate agreement

Consistent with the settlement the OCR agreed to with North Memorial Health Care of Minnesota, the Office for Civil Rights has settled its investigation of Raleigh Orthopaedic Clinic, P.A. (Raleigh Orthopaedic) for $750,000....more

New HIPAA Phase 2 Audits: Targets Notified by Email Only

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more

New York Presbyterian Hospital Settles OCR HIPAA Investigation

On April 21, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced a $2.2 million settlement with The New York and Presbyterian Hospital (“NYP”) regarding NYP’s impermissible...more

Wyoming Medical Center victim of phishing scheme affecting 3,184 patients

Phishing incidents in February that may have compromised the data of 3,184 patients, including their names, dates of birth, medical record and account numbers, dates of service and medical information is causing Wyoming...more

Fourth Circuit Upholds Coverage Under CGL Policy for Data Breach Claims

The United States Court of Appeals for the Fourth Circuit (“Fourth Circuit”) recently concluded that an insurer had a duty to defend a health care company that was sued by individuals whose personal health information was...more

Cybersecurity and Employee Benefit Plan Fiduciary Duties: Going Beyond HIPAA

It seems as though we hear about new cybersecurity issues every day — from traditional hacking incidents to the increasingly sophisticated phishing, malicious apps and websites, social engineering, and ransomware attacks. ...more

Spring Showers Bring HIPAA Breaches

OCR has announced several recent settlement agreements to resolve violations of the Health Insurance Portability and Accountability Act (“HIPAA”). These settlement amounts range from $25,000 to $3.9 million dollars and...more

OCR Releases Updated HIPAA Audit Protocol and Business Associate Listing Template

The Office of Civil Rights (OCR) recently updated the audit protocol that it will be using to assess Covered Entities’ and Business Associate’s compliance with the Health Insurance Portability and Accountability Act (HIPAA)...more

Two Additional HIPAA Settlements Demonstrate Breadth of HIPAA Enforcement Activity

During the week of April 18, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced two significant settlements with a large New York City hospital and a North Carolina orthopaedic...more

Lights, Camera, Settlement: OCR says a picture is worth $2.2 million

A New York hospital has settled with the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) for $2.2 million after allowing a TV crew for the ABC documentary series “NY Med” to film patients...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

A U.S. privacy crackdown: Hospital fined $2.2 million in filming of dying patient

Hospital patients who are dying or in extreme duress should not have their privacy exploited by reality television camera shows, federal health care regulators now have made clear. They have just settled with a noted New York...more

Understanding when Business Associate Agreements are necessary can avoid costly and embarrassing enforcement actions

A recently publicized settlement with the Office of Civil Rights of the U.S. Department of Health and Human Services highlights that it is not only important to have a HIPAA-compliant form of business associate agreement...more

Keeping Coverage Online: Fourth Circuit Confirms Internet Data Breach Claim Triggers Commercial General Liability Policies

In a clear rejection of insurers’ attempts to artificially narrow the broad coverage provided by commercial general liability (“CGL”) policies, the United States Court of Appeals for the Fourth Circuit recently held that an...more

Not Everyone Wants to Be on TV

It turns out that not everyone wants to be on television. New York-Presbyterian found that out the hard way. Back in 2011 the hospital allowed a television camera crew inside treatment areas to record footage for the...more

NY Hospital to Pay $2.2 Million for Allowing TV Crew to Videotape Dying Patient

On the ABC television series “NY Med,” doctors from New York-Presbyterian Hospital (NYP) are profiled as they perform medical procedures. However, in an effort to keep it “real,” the show’s crew has landed the hospital in hot...more

Health Law Insights Newsletter - Issue 8 - April 2016

McCarter & English, LLP’s Health Care Group presents Issue 8 of the Health Law Insights, which discusses the latest legal issues in the health care industry. NATIONAL - New Payment Model for Part B Drugs Proposed -...more

Not a Check-the-Box Exercise: Failure to Have Signed BAA Results in Substantial Fine

A group practice that was the victim of a silver-harvesting scam has agreed to pay the U.S. Department of Health and Human Services (“HHS”) $750,000 to settle charges that it released protected health information (“PHI”) of...more

OCR issues audit protocol and targets over 800 entities—business associates too

The Office for Civil Rights (OCR) has issued its revamped audit protocol for its second phase of auditing covered entities and business associates’ compliance with the HIPAA Privacy, Security and Breach Notification Rules....more

733 Results
|
View per page
Page: of 30
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×