Protected Health Information

News & Analysis as of

What Preemption? Connecticut State Court Gives Life to Negligence Claims Based on HIPAA Privacy Standard of Care

Like many federal statutes, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) contains a provision governing how the statute is designed to interact with similar or otherwise related state laws. When...more

What Can You Expect in 2015 Regarding HIPAA Enforcement?

As of earlier this month, 1, 170 breaches involving 31 million records have been reported to the Department of Health and Human Services (HHS) since mandated reporting of breaches began in September 2009.  An increase in the...more

Hospital Fires Back: Accuses Whistleblowers of Violating Patient Confidentiality

Hospitals have long seethed over employees who exploit their inside information to become whistleblowers. There’s generally not much they can do besides seethe unless the employee has some special duty of confidentiality...more

On the Tenth Day of Privacy, OCR Gave to Me…..

……………..a cumbersome C-A-P The U.S Department of Health and Human Services Office for Civil Rights has received tremendous publicity in recent years for its upward-trendingfines and aggressive enforcement of HIPAA...more

News from the Health Law Gurus™

Patient Medical Records Stolen from New Jersey Storage Facility – Tribeca Medical Center is notifying patients that their protected health information may be compromised. According to a privacy notice posted on Tribeca...more

Employer Liability for Employees’ Privacy Violations: What your organization should learn from Walgreens’ expensive lesson (hint:...

You may already have read the scintillating facts surrounding a jury award of $1.44 million (recently challenged unsuccessfully on appeal) against Walgreen Co. (Walgreens) following its pharmacist’s alleged inappropriate...more

Advertising Law - December 2014 #3

FCC Proposes Online Disclosures for Broadcast Contests - The Federal Communications Commission has proposed a rule change that would allow broadcast stations to disclose on the Internet the material terms for contests...more

On The Eighth Day of Privacy, Health Care Systems (Over)Shared Data

When is “sharing” too much of a good thing? And will it get worse for health care systems in 2015? Data sharing has become a point of sharp focus in the efforts to improve the quality and efficiency of health...more

Blog: No More Paper PIs? FDA Issues Proposed Rule on Electronic Distribution of Prescribing Information

Yesterday, the U.S. Food and Drug Administration (FDA) announced a proposed rule to require electronic distribution of the prescribing information intended for health care professionals (often called the “PI”) for human...more

Let the Games Begin: First Sony Class Action Lawsuit Filed Over Data Breach

It’s happened. The first class action lawsuit has been filed against Sony for failing to prevent hackers from stealing its current and former employees’ social security numbers, medical records, and salary information....more

Latest HIPAA Settlement: Compliance is an Ongoing Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more

Failure to take basic security measures may result in HIPAA penalties – 6 tips to keep up with updates and patches

Covered Entities and their Business Associates must comply with HIPAA’s Security Rule, or they may face substantial penalties. The Office of Civil Rights (OCR) recently shared a resolution agreement that emphasizes the...more

Medical Billing Provider and its Former CEO Settle FTC Charges That They Misled Consumers About Collection of Personal Health Data

In an age when many of us briskly scroll through website terms and conditions and check, “I agree” without thinking, how should businesses design their websites to obtain proper authorization to access users’ sensitive...more

$150,000 HIPAA Settlement Following Breach of Unsecured PHI Due To Malware

The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced on December 8, 2014 that a community behavioral health organization agreed to pay $150,000 and adopt a corrective action plan to...more

Governor’s Council recommending mandatory use of SCRIPTS program

Prescription drug abuse is epidemic across the nation, and South Carolina has not been immune. According to a 2013 report from the State’s Inspector General, South Carolina ranked 23rd per in per capita opioid painkiller...more

Malware Incident at Mental Health Nonprofit Leads to $150K Settlement with OCR

As cyberattacks targeting the healthcare industry continue to escalate, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has published its first-ever resolution agreement stemming from an...more

Just in Time for the Holidays: Another HIPAA Settlement

On December 2, 2014, the Office for Civil Rights (OCR) and Anchorage Community Mental Health Services, Inc., (ACMHS) entered into a Resolution Agreement and Corrective Action Plan (CAP) to settle alleged violations of the...more

Failure to Follow HIPAA Policies Results in $150,000 Liability and Corrective Action Plan

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS-OCR) has recently released information about another HIPAA settlement, emphasizing yet again the government's focus on the Health Insurance...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Recent HHS Settlement Highlights Importance of Updating HIPAA Compliance Programs

On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates...

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance...more

HIPAA Settlement Continues to Emphasize the Importance of Security Policies and Procedures

A recently announced settlement between Anchorage Community Mental Health (“ACMHS”) and the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”) emphasizes, once again, the importance of compliance with...more

Provider Beware: HIPAA and State Privacy Laws May Inform Negligence Suits

A recent opinion from the Connecticut Supreme Court illustrates that HIPAA is not the only law that covered entities and business associates must worry about if an unauthorized disclosure of protected health information (PHI)...more

Grand Theft PHI – Are Vendors Putting You at Risk for a HIPAA Breach?

Your vendor’s employee goes home after a long day of collecting wellness questionnaires and biometric screening results only to wake up the next day to discover that her car has been stolen from her driveway. As you can...more

Privacy Tuesday: December 2014 – The Twelve Days of Privacy 2014

Our series last year was a reader favorite, so we decided to put our prognosticator hats on again and present: Rather than look back at 2014, starting tomorrow, the Privacy & Security blog will count down The 12 Days...more

465 Results
|
View per page
Page: of 19