Protected Health Information Covered Entities

News & Analysis as of

Proceed With Caution: Does HIPAA Apply to Your Business?

Even if your business is not in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act (HITECH...more

HIPAA and Jason Pierre-Paul’s Medical Chart – Setting the Record Straight

Last night, ESPN reporter Adam Schefter tweeted a photo of New York Giants defensive end Jason Pierre-Paul’s medical chart, which chart indicated that Pierre Paul had his index finger amputated. The amputation was apparently...more

Blog: HIPAA FAQ Series: Does HIPAA Protect the PHI of Deceased Individuals?

In order to protect the privacy and security of patients’ information, the Health Insurance Portability and Accountability Act (HIPAA) imposes substantial obligations on covered entities (certain providers, plans, and health...more

Deeper Dive: Healthcare Incidents Involving More Than 500 Individuals Are Investigated 100 Percent of the Time

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

Also In the News - Data, Privacy, & Security Practice Report - May 2015

ONC Releases Updated Guide To Privacy And Security of Electronic Health Information ? The Office of the National Coordinator for Health Information Technology (“ONC”) recently released Version 2.0 of the Guide to Privacy and...more

OCR Launches Phase 2 HIPAA Audit Program with Pre-Audit Screening Surveys

Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered entities have reported that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently sent pre-audit screening surveys...more

OCR Transmits Pre-Audit Screening Surveys to Covered Entities for Phase 2 HIPAA Compliance Audits

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) recently transmitted HIPAA pre-audit screening surveys to covered entities that may be selected for a second phase of HIPAA compliance audits...more

OCR Enforcement of HIPAA Affects Entities of all Sizes Small Pharmacy Enters into Latest Settlement

U.S. Department of Health and Human Services (HHS) announced late last week that Cornell Prescription Pharmacy (Cornell) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996...more

OCR Announces Another HIPAA Settlement and Warns Not to Forget About Paper Records

On April 27, 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy (“Cornell Pharmacy”) had entered into a resolution agreement to settle,...more

HHS Settlement: Dumpster-Diving Leads to Settlement for Improper Disposal of Documents Containing Protected Health Information

The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it has reached an agreement with a small pharmacy to resolve potential HIPAA violations. The settlement arose from the...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Cloud Storage Provider?

This week, the HIPAA FAQ series continues with another topic about business associate agreements (BAAs). As most Covered Entities and Business Associates know, in the event that a Covered Entity utilizes a service provider...more

EEOC Issues Proposed Wellness Program Amendments to ADA Regulations

On April 16, 2015, the Equal Employment Opportunity Commission (“EEOC”) released its highly anticipated proposed regulations (to be published in the Federal Register on April 20, 2015, for notice and comment) setting forth...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Mail Carrier?

This week, the HIPAA FAQ series continues with a topic about business associate agreements (BAAs). Most Covered Entities and Business Associates are familiar with general BAA obligations. ...more

Pharmacies: Watch Out for Future HHS Crackdowns on Security Rule Violations

As we all know by now, HIPAA required the Secretary of the U.S. Department of Health and Human Services (HHS) to adopt regulations protecting the privacy of "protected health information" (PHI). HHS responded to that...more

Blog: HIPAA FAQ Series: Does HIPAA Permit Communications via E-mail with PHI Subjects?

Last week, we introduced a new series to this blog that will cover frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). This week, the series continues by delving into a hot...more

OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014

With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

OCR Updates Breach Report Web Portal — Changes Could Impact Annual Breach Reports

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently launched an updated version of the portal covered entities must use to notify OCR regarding a breach of unsecured protected health...more

Deadline Approaching to Report Certain HIPAA Breaches to Federal Officials

The HIPAA Breach Notification Rule requires covered entities to notify the Secretary of the Department of Health and Human Services (HHS) if a breach of unsecured protected health information (PHI) is discovered. As most...more

HIPAA: Deadlines Pass and Definitions Change

For all covered entities and business associates, September 22 was the last day for business associate agreements (BAAs) to comply with the Omnibus HIPAA Rule (the Rule) released in January 2013. Before the Rule’s release,...more

IT Maintenance Crucial for HIPAA Compliance

The Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) recently announced an agreement with a medical center to settle charges stemming from the center’s failure to prevent malware from infecting its...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

Failure to take basic security measures may result in HIPAA penalties – 6 tips to keep up with updates and patches

Covered Entities and their Business Associates must comply with HIPAA’s Security Rule, or they may face substantial penalties. The Office of Civil Rights (OCR) recently shared a resolution agreement that emphasizes the...more

106 Results
|
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×