Protected Health Information

News & Analysis as of

House Passes Medical Innovation Bill That Would Revise HIPAA

On July 10, the U.S. House of Representatives approved the 21st Century Cures Act (the Act), a bill intended to support advancements in medical innovation. The Act includes measures aimed at spurring medical research,...more

Can We Talk? Florida Court Rejects Latest Challenge to Med Mal Presuit Authorization Law

In the latest challenge to a Florida law designed to promote early settlement of meritorious medical malpractice claims, the Florida First District Court of Appeal recently rejected a plaintiff’s arguments that 2013...more

Class Action Suit Filed Against UCLA After It Suffers Massive Data Breach Affecting 4.5 Million Individuals

In yet another data breach affecting millions of individuals, UCLA Health System (“UCLA”) reported on July 17, 2015, that hackers had accessed portions of its health network that contained personal information, including...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

OCR Settlement with Massachusetts Hospital Over HIPAA Violations

On July 8, 2015, the United States Department of Health and Human Services, Office for Civil Rights (“OCR”), which enforces federal privacy standards for protected health information (“PHI”), settled an enforcement action...more

Proceed With Caution: Does HIPAA Apply to Your Business?

Even if your business is not in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act (HITECH...more

Rhode Island Governor Signs Comprehensive Identity Theft Protection Act

On June 26, Rhode Island Governor Gina Raimondo (D) signed into law Senate Bill 0134, the Rhode Island Identity Theft Protection Act of 2015 (the Act), which clarifies data security measures, expands protection to health data...more

Blog: St. Elizabeth’s Medical Center Reaches Agreement to Settle Alleged HIPAA Breach

Last week, St. Elizabeth’s Medical Center (SEMC), a hospital located in Brighton, Massachusetts, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying...more

Is My Telehealth App Subject to HIPAA?

Many telehealth and mHealth app developers are concerned about whether or not their app is a medical device under FDA regulations (and rightfully so), they often pay less attention to the Health Insurance Portability and...more

Hospital Pays $218,400 to OCR for HIPAA Violations

St. Elizabeth’s Medical Center (“SEMC”), a tertiary care hospital in Brighton, Massachusetts, has agreed to pay $218,400 to the Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance Portability...more

PII in your ESI: The Intersection of Data Privacy and E-Discovery

There is a significant nexus between data privacy and security and e-discovery that grows more pronounced as the volume of data generated multiplies exponentially and the ability of e-discovery tools to collect and process...more

Recent HHS Settlement Highlights Risks of Electronically-Sharing Protected Health Information

On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more

HIPAA and Jason Pierre-Paul’s Medical Chart – Setting the Record Straight

Last night, ESPN reporter Adam Schefter tweeted a photo of New York Giants defensive end Jason Pierre-Paul’s medical chart, which chart indicated that Pierre Paul had his index finger amputated. The amputation was apparently...more

A New Era of HIPAA Enforcement

Traditionally, HIPAA enforcement is assigned to the Department of Health and Human Services’ Office for Civil Rights (OCR). In November 2013, Health and Human Services’ Office of Inspector General sharply criticized OCR’s...more

Health care worker sent to jail for HIPAA violations

When we train employees on HIPAA, we always remind them that HIPAA violations carry significant penalties-both civil and criminal. Our favorite line is “Keep your day job.” Stealing patient information is never worth the...more

Medical Informatics Engineering discloses data breach

Electronic health record (EHR) vendor Medical Informatics Engineering and its subsidiary, NoMoreClipBoard, which is a personal health record (PHR) product, notified its EHR clients and PHR individuals that it has been the...more

Blog: HIPAA FAQ Series: Does HIPAA Protect the PHI of Deceased Individuals?

In order to protect the privacy and security of patients’ information, the Health Insurance Portability and Accountability Act (HIPAA) imposes substantial obligations on covered entities (certain providers, plans, and health...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

The Devil in the “Cyber” Insurance Details

There’s a tempest amidst the recent spring shower of “cyber” insurance cases. It isn’t the Recall Total case reported the week before last, or the Travelers v. Federal Recovery Services case reported the week before. While...more

Technology in Healthcare [Video]

From the 2015 PLUS Medical PL Symposium session “Technology in Healthcare: EHRs & PHI,” moderator Patricia Marzella-Graubert (Swiss Re American Holdings Corporation) and panelist Alexander Grijalva (New York Presbyterian...more

Lack of Typicality and Adequacy of Representation Prevents Class Certification in Health Care Data Breach

The opinion from the Philadelphia Court of Common Pleas reinforces lack of standing as a defense for companies facing data breach–related class actions. On March 25, the Philadelphia Court of Common Pleas provided...more

Insurer Seeks Declaratory Judgment Against Policyholder for Data Breach

Late last month, Columbia Casualty Company instituted a declaratory judgment lawsuit in the United States District Court for the Central District of California against its insured, Cottage Health System. Columbia Casualty...more

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

Think You Know Your HIPAA-Related Obligations? Read the ONC’s New Privacy and Security Guide to Find Out

In 2013, we alerted you to the expansion of the definition of the term “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Now, the Office of the National Coordinator for Health...more

Also In the News - Data, Privacy, & Security Practice Report - May 2015

ONC Releases Updated Guide To Privacy And Security of Electronic Health Information ? The Office of the National Coordinator for Health Information Technology (“ONC”) recently released Version 2.0 of the Guide to Privacy and...more

547 Results
|
View per page
Page: of 22

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×