News & Analysis as of

Failure to take basic security measures may result in HIPAA penalties – 6 tips to keep up with updates and patches

Covered Entities and their Business Associates must comply with HIPAA’s Security Rule, or they may face substantial penalties. The Office of Civil Rights (OCR) recently shared a resolution agreement that emphasizes the...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Recent HHS Settlement Highlights Importance of Updating HIPAA Compliance Programs

On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates...

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance...more

Provider Beware: HIPAA and State Privacy Laws May Inform Negligence Suits

A recent opinion from the Connecticut Supreme Court illustrates that HIPAA is not the only law that covered entities and business associates must worry about if an unauthorized disclosure of protected health information (PHI)...more

HIPAA Privacy in Emergency Situations

In light of the Ebola outbreak and other events, the U.S. Department of Health and Human Services, Office for Civil Rights, released a bulletin to ensure HIPAA covered entities are aware of the ways in which patient...more

Health Update - November 2014

“Healthcare-Related” Calls: Ambiguity at the Intersection of HIPAA and TCPA - Editor’s Note: The Federal Communications Commission (FCC) has established exemptions from certain requirements of the Telephone Consumer...more

HHS Issues Special HIPAA Guidance for Ebola Outbreak

The U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"), released a bulletin last week addressing how covered entities (including certain health care providers and employer group health...more

OCR Publishes Bulletin Regarding Privacy in Light of Ebola Outbreak

In response to the recent Ebola outbreak in West Africa and in light of patients being treated in several hospitals in the U.S., the HHS, OCR (OCR) recently issued a HIPAA Bulletin to remind us that HIPAA covered entities and...more

Health Care Providers Responding to Ebola: HHS Issues Guidance Reminding Covered Entities that HIPAA Allows the Sharing of PHI in...

The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) has issued guidance to remind HIPAA-covered entities of the ways in which they are permitted under HIPAA to share protected health information...more

HHS Explains Privacy Rule in Emergency Situations

On November 10, 2014, the U.S. Department of Health and Human Services (HHS) issued a bulletin reminding covered entities and business associates of how they may disclose patient information for public health activities or in...more

HIPAA Omnibus Rule: Deadline Approaching to Update Grandfathered Business Associate Agreements

Although the HIPAA Omnibus Rule (the “Rule”) went into effect nearly 18 months ago, the transition period for bringing business associate agreements into compliance with the Rule’s new requirements will end on September 23,...more

September 22, 2014 – HIPAA Compliance Deadline for Business Associate Agreements Is Just Around the Corner

All business associate agreements (“BAAs”) must be updated and compliant with current Health Insurance Accountability and Portability Act (“HIPAA”) regulations by September 22, 2014. Failure to meet this deadline could result...more

Business Associate Agreements May Require Amendment

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

Action Required for Covered Entities, Business Associates and Their Subcontractors

Early last year, the Department of Health and Human Services issued final privacy and security regulations (Final Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Final Rule, effective...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

It’s No Surprise: Health Care Data Breaches Are on the Rise and So Is Government Enforcement

In This Issue: - The Take-Aways for Covered Entities and Business Associates - For More Information - Excerpt from The Take-Aways for Covered Entities and Business Associates: As a majority of the...more

Health Law Alert: The Deadline for Amending Business Associate Agreements is Quickly Approaching

A key change from 2013’s HITECH “Omnibus” Rule was a requirement that Business Associate Agreements (“BAAs”) be modified to reflect revisions to HIPAA regulations. When the rule was issued on January 25, 2013, Covered...more

Protect Your Blindside: Identify All HIPAA Business Associates/Subcontractors

Under the recently enacted Health Information Technology for Economic and Clinical Health (HITECH) Act, and implementing regulations, the definition of the HIPAA term "Business Associate" has been expanded. A "Business...more

HIPAA Compliance And September 23, 2013 — The Day The World Did NOT End

Everyone old enough to remember will recall Y2K – the year our world was supposed to end in a catastrophic transition from December 31, 1999 to January 1, 2000. Instead, since we are still here, we all recall what happened –...more

Hearing to Address HIPAA Accounting of Disclosures

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

Privacy Monday – September 23, 2013: Today Is HIPAA Compliance Day – 5 Things That You Should Have Done

Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule. In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape. Here...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

HIPAA Toolbox - Expanded Definition of Business Associates

September 23rd is the HIPAA Omnibus Rule compliance deadline. The Rule expands the definition of Business Associates (BAs). Are you prepared? Incorrect determinations lead to increased risk and potential liability for...more

131 Results
|
View per page
Page: of 6