News & Analysis as of

Health Law Alert: HIPAA Enforcement on the Rise, as OCR Audit Program Moves Forward

A recent settlement from New York—involving the largest fine levied to date in the history of HIPAA enforcement, a staggering $4.8 million imposed on two public hospitals—should remind health care providers, health plans and...more

Perspectives - June 2014

In This Issue: - Staying in Compliance While Giving or Receiving Electronic Health Record Systems - When Donations Cross the Line - House Bill 296 Signed into Law to Increase Access to Epinephrine Autoinjectors...more

Policyholders Face Heightened Scrutiny Under OCR’s New Permanent Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has notably increased enforcement of compliance with the Health Insurance Portability and Accountability Act (“HIPAA”) and Health Information...more

Hospital Executive Indicted for Allegedly Lying about Meaningful Use of Electronic Health Records

A hospital executive was recently indicted for allegedly submitting a false attestation regarding a hospital’s “meaningful use” of electronic health records (“EHR”) technology through the Medicare EHR incentive program. This...more

HHS Reports First HIPAA Settlement with a County Government

According to a HHS press release issued last Friday, Skagit County, Washington, has agreed to a $215,000 settlement with the agency to resolve allegations that the county’s HIPAA compliance program was deficient. The Skagit...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

Accretive Health Data Breach Leads To Twenty-Year Settlement With The FTC

On December 31, 2013, the Federal Trade Commission ("FTC") announced that Accretive Health, Inc., ("Accretive") agreed to settle charges that the company's inadequate data security measures exposed sensitive consumer...more

HHS Gives A Thumbs Down For Stolen Thumb Drive

On December 26, 2013, the U.S. Department of Health and Human Services Office for Civil Rights (HHS) announced that it had reached an agreement with a Northeastern dermatology practice to settle potential HIPAA violations...more

The Cloud: Google Apps for Business and HIPAA Compliance

Does your company use Google Apps for Business? Are you a health care provider, health plan, or health care clearinghouse (“Covered Entity” or “Covered Entities”) subject to the Health Insurance Portability and Accountability...more

Practical Suggestions For Law Firm Compliance With HIPAA

Under the Health Insurance Privacy and Accountability Act of 1996 (“HIPAA”), health plans, health care clearinghouses, and most health care providers (collectively, “Covered Entities”) must protect the privacy and security of...more

HIPAA Compliance And September 23, 2013 — The Day The World Did NOT End

Everyone old enough to remember will recall Y2K – the year our world was supposed to end in a catastrophic transition from December 31, 1999 to January 1, 2000. Instead, since we are still here, we all recall what happened –...more

HIPAA Omnibus Rule Compliance Deadline

September 23, 2013, the deadline for compliance with the new Health Insurance Portability and Accountability Act (HIPAA) regulations, is here. Although there has been much discussion about the new regulations since they were...more

The HIPAA Compliance Deadline is Less Than One Week Away. Business Associate Agreements and Other Documents Must Be Revised. Are...

On September 23, 2013, Covered Entities and Business Associates must be compliant with the final Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule (the “HIPAA Final Rule”). The HIPAA Final Rule modified...more

Ready For HITECH Changes On September 23, 2013? Find Out With This Compliance Checklist For Employer-Sponsored Health Plans

The final regulations implementing the Health Information Technology for Economic and Clinical Health (HITECH) Act were issued in January and compliance is required by September 23, 2013. The final regulations require covered...more

New HIPAA Deadline Around the Corner: Be Prepared!

Don’t look now, but another HIPAA deadline is just around the corner. As we noted last month, the deadline is looming for employer-sponsored health benefit plans to come into compliance with U.S. Department of Health...more

3 Weeks Left: Is Your Business Ready for HIPAA Compliance?

The September 23, 2013 deadline for covered entities, business associates and their subcontractors to implement the new HIPAA rules is approaching quickly. In case you missed it, on January 25, 2013, the U.S. Department of...more

Health Plan Fined for HIPAA Breach Relating to Information Stored on Photocopiers

On Wednesday, August 14, 2013, the U.S. Department of Health and Human Services (HHS), announced that it had reached a $1,215,780 settlement with Affinity Health Plan, Inc., a not-for-profit managed care plan serving the New...more

HHS OCR Director Leon Rodriguez's Dialogue on HIPAA/HITECH Compliance

“HIPAA is a valve, not a blockage,” stated HHS OCR Director Leon Rodriguez, at the OCR/NIST 6th Annual Conference on Safeguarding Health Information: Building Assurance through HIPAA Security....more

HHS Expands HIPAA Privacy Compliance Requirements

On January 25, 2013, the Department of Health and Human Services (HHS) published its final rule, which implements the regulatory changes imposed on business associates found in the Health Information Technology for Economic...more

HIPAA Task Force – May 2013

In this issue: - What Your Business Needs To Do About Hipaa — Now - Action Items for Covered Entities and Business Associates (including Subcontractors) - Changes Impacting Business Associates (including...more

Cloud Storage Providers Storing Protected Health Information May Be Obligated to Comply with HIPAA Regulations

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

Highlights of the Omnibus HIPAA/HITECH Final Rule

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more

HIPAA Rules Overhaul Ups Compliance Ante

Originally posted in Hartford Business Journal on February 11th, 2013. Attention all medical providers, hospitals and any other covered entity or business associate under HIPAA. On Jan. 17, the U.S. Department of Health...more

New HIPAA Rule Imposes Data Security and Privacy Obligations Directly Upon Vendors and Contractors of Covered Entities

On January 25, 2013, the Department of Health and Human Services ("HHS") published the Final Rule to the Health Insurance Portability and Accountability Act of 1996 ("HIPAA")'s Data Security and Privacy Rules. The Final Rule...more

Now Is The Time To Revise Your Business Associate Agreements and Notice of Privacy Practices

There is a lot of confusion among providers caused by therecent publication of new rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). On January 25, 2013, the HIPAA final omnibus rule...more

50 Results
|
View per page
Page: of 2