News & Analysis as of

Protected Health Information Data Breach EHR

Faegre Drinker Biddle & Reath LLP

$100,000 HIPAA Settlement With Solo Physician Practice

Dr. Steven A. Porter, M.D., P.C. (Dr. Porter’s Practice) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $100,000 no-fault settlement agreement and two year...more

Robinson & Cole LLP

Medical Informatics Engineering discloses data breach

Robinson & Cole LLP on

Electronic health record (EHR) vendor Medical Informatics Engineering and its subsidiary, NoMoreClipBoard, which is a personal health record (PHR) product, notified its EHR clients and PHR individuals that it has been the...more

Cooley LLP

Blog: Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

Cooley LLP on

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach...more

Fisher Phillips

How To Analyze A HIPAA Breach

Fisher Phillips on

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

BakerHostetler

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

BakerHostetler on

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

Davis Wright Tremaine LLP

Good News: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more

Mintz - Privacy & Cybersecurity Viewpoints

Massive Data Breach Affects 4.5 Million Patients in 29 States

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more

Faegre Drinker Biddle & Reath LLP

Hospital Operator Reports 4.5 Million Patients’ Data Stolen in Cyberattack

The Tennessee-based acute-care hospital chain Community Health Systems, Inc. (CHS), reported on August 18 that information on approximately 4.5 million patients was stolen from the company. CHS is one of the largest hospital...more

Benesch

4.5 Million Patients’ Information Stolen by Hackers

Benesch on

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Baker Donelson

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

Baker Donelson on

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Tucker Arensberg, P.C.

Hospital Network Reports Large HIPAA Breach

Tucker Arensberg, P.C. on

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

BakerHostetler

Health System Investigated for Leaving PHI in Doctor’s Driveway – Settles with OCR for $800K

BakerHostetler on

While OCR enforcement activity has focused on a covered entity’s safeguarding of ePHI, organizations cannot forget about PHI in non-electronic form. To settle potential violations of the HIPAA Privacy Rule, Parkview Health...more

Mintz - Privacy & Cybersecurity Viewpoints

Five Lessons from OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

Last week, the HHS Office of Civil Rights (OCR) released two reports required by the Health Information Technology for Economic and Clinical Health (HITECH) Act: (i) the Annual Report to Congress on Breaches of Unsecured...more

Cozen O'Connor

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

Cozen O'Connor on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

Manatt, Phelps & Phillips, LLP

Health Update - May 2014

Litigation Arising from the Affordable Care Act: The Blessing and Curse of Interesting Times - The Affordable Care Act (ACA) has brought the most sweeping changes to the healthcare delivery and payment systems in the...more

BakerHostetler

HHS OCR Settles Post-Data Breach Investigation for Record $4.8M

BakerHostetler on

On May 7, 2014, HHS OCR announced a pair of resolution agreements with New York Presbyterian Hospital (NYP) and Columbia University (CU) totaling $4.8 million dollars—the highest settlement amount to date. These resolution...more

Dentons

Health Law Blog: County Government Settles Alleged HIPAA Violations

Dentons on

A small county in Washington has agreed to pay $215,000 to settle allegations that it violated HIPAA by failing to secure electronic protected health information. Skagit County maintained protected health information (“PHI”)...more

Holland & Knight LLP

New Ponemon Study on Patient Privacy & Data Security Released

Holland & Knight LLP on

The Ponemon Institute’s Fourth Annual Study on Patient Privacy & Data Security, dated March of 2014 and sponsored by ID Experts, is now available. The study, involving a sample of 91 organizations, contains both good news and...more

BakerHostetler

Proposed $6.8M Fine Related to Puerto Rico Breach Incident

BakerHostetler on

Triple-S Salud, Inc. (“Triple-S”), a Puerto Rico Health Insurance Administration (“PRHIA”) contractor, filed a Form 8-K indicating that the PRHIA intended to impose a civil monetary penalty of $6,768,000 and other...more

Obermayer Rebmann Maxwell & Hippel LLP

Triple-S Socked with $6.8 Million Sanctions for PHI Breach

Triple-S, an insurance holding company and subsidiary of Triple-S Management Corporation, was notified by the Puerto Rican Health Insurance Administration (“HIA”) that HIA would pursue penalties against Triple-S for its...more

Obermayer Rebmann Maxwell & Hippel LLP

Health Care Entity Pays $150,000 to HHS as a Result of Stolen Thumb Drive Containing PHI

Encrypting USB drives, analyzing security risks, and implementing breach notification policies and procedures could mean the difference between compliance with the Health Insurance Portability and Accountability Act (“HIPAA”)...more

McDermott Will & Emery

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

McDermott Will & Emery on

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

Manatt, Phelps & Phillips, LLP

Health Update - Jan 27, 2014

Going Digital with Patients: Managing Potential Liability Risks of Patient-Generated Electronic Health Information - Patients are increasingly using new electronic tools, such as personal health records and mobile...more

Polsinelli

Stolen Thumb Drive Sets HIPAA Precedent

Polsinelli on

A Massachusetts dermatology practice, Adult & Pediatric Dermatology, P.C. ("APDerm") recently agreed to pay $150,000 to settle potential violations of HIPAA Privacy, Security, and Breach Notification Rules. The settlement was...more

Tucker Arensberg, P.C.

Dermatology Practice Agrees to Settlement in Connection with HIPAA Breach

Tucker Arensberg, P.C. on

A Massachusetts-based dermatology practice recently agreed to pay $150,000 to settle claims that it failed to have sufficient policies and procedures in place to address a breach notification requirement under the HITECH Act....more

26 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide