News & Analysis as of

Grand Theft PHI – Are Vendors Putting You at Risk for a HIPAA Breach?

Your vendor’s employee goes home after a long day of collecting wellness questionnaires and biometric screening results only to wake up the next day to discover that her car has been stolen from her driveway. As you can...more

FDA Regulatory and Compliance Monthly Recap – November 2014

In an unusual move, the FDA takes issue with the accuracy of Sciecure’s studies in a warning letter over sales promotion material for the company’s sleeping pill - In addition to criticizing the pharmaceutical company...more

OIG’s New Work Plan Focuses on the Security of Health Information

On October 31, 2014, The U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) released its Work Plan for fiscal year (FY) 2015. The Work Plan summarizes “new and ongoing reviews of activities...more

HIPAA Privacy in Emergency Situations

In light of the Ebola outbreak and other events, the U.S. Department of Health and Human Services, Office for Civil Rights, released a bulletin to ensure HIPAA covered entities are aware of the ways in which patient...more

Health Update - November 2014

“Healthcare-Related” Calls: Ambiguity at the Intersection of HIPAA and TCPA - Editor’s Note: The Federal Communications Commission (FCC) has established exemptions from certain requirements of the Telephone Consumer...more

HHS Issues Special HIPAA Guidance for Ebola Outbreak

The U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"), released a bulletin last week addressing how covered entities (including certain health care providers and employer group health...more

Health Care Providers Responding to Ebola: HHS Issues Guidance Reminding Covered Entities that HIPAA Allows the Sharing of PHI in...

The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) has issued guidance to remind HIPAA-covered entities of the ways in which they are permitted under HIPAA to share protected health information...more

HHS Explains Privacy Rule in Emergency Situations

On November 10, 2014, the U.S. Department of Health and Human Services (HHS) issued a bulletin reminding covered entities and business associates of how they may disclose patient information for public health activities or in...more

HHS: No Sensational News Exception to HIPAA. Health Care Providers Should Plan Now for Dealing with Ebola Publicity

Many people in the general public – and most in the health care industry – would recognize the names Eric Duncan (who died of Ebola in a U.S. hospital), Nina Pham (who contracted Ebola through exposure in a U.S. hospital) and...more

HIPAA in the Time of Ebola

Ebola has recently been the source of much concern, and health care providers and hospitals are taking steps to prepare themselves for the possibility of treating patients with Ebola. In addition to all of the medical...more

Ebola or Not, Patient Privacy Must Be Protected: Office for Civil Rights Issues Bulletin on HIPAA Requirements in Emergency...

In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued a new bulletin reminding HIPAA-covered entities and their business associates that the...more

Blog: FDA Cybersecurity Workshop for Healthcare

On October 21-22 the U.S. Food and Drug Administration (FDA), in collaboration with the U.S. Departments of Health and Human Services and Homeland Security, conducted a public workshop entitled “Collaborative Approaches for...more

Blog: Federal Advisory Group Considers Patient Data Standards

This week, the Privacy and Security Workgroup within the Health IT Policy Committee was tasked by the U.S. Department of Health and Human Services (“HHS”) to discuss certain patient data protections. Specifically, they were...more

Government Conference Highlights Need for Protecting Health Information

The National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently highlighted the importance of protecting health information at the...more

Company Claims “HIPAA Has No Teeth”, Will Start Notifying Affected Individuals of Security Breaches and Vulnerabilities that Have...

A company named SLC Security, LLC (“SLC”), recently announced that it will begin notifying individuals if it believes it has identified a security breach or vulnerability of a company and it has not received a satisfactory...more

Recent Trends in HIPAA Liability

Since the passage of the 2013 HIPAA Omnibus Rule, there has been a substantial increase in HIPAA enforcement actions brought by the Department of Health and Human Services, including an increase in so-called “high-impact...more

Mishandling Medical Records Turns Into an $800,000 HIPAA-Compliance Mistake

A non-profit healthcare company agreed to pay $800,000 as part of a settlement with the U.S. Department of Health and Human Services (HHS) for allegedly mishandling 71 boxes of medical records in violation of the privacy rule...more

Deadline For Business Associate Agreement And Data Use Agreement Compliance Is September 22, 2014

September 22, 2014 is the deadline to have all business associate and data use agreements updated to conform to the new requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Omnibus...more

News from the Health Law Gurus™

Chinese Hackers Infiltrate Health System Network Affecting 4.5 Million Individuals – Community Health Systems, Inc. (“CHS”) reported this week that the information of approximately 4.5 million individuals has been affected by...more

OCR to Begin Phase 2 of HIPAA Audit Program

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Medicaid Claims And Health Care Fraud: As The Data Flows, New Cracks Emerge

As we noted in two of our prior posts in the Insider blog, the government has long touted its ability to rely upon data mining as a means of detecting fraud in the federal health care system, and has initiated a host of...more

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

HIPAA Data Breaches

HIPAA has been on the books since 1996. With the advent of electronic health records, HHS adopted security regulations to require covered entities to protect the integrity, confidentiality, and availability of electronic...more

Health System Pays $800,000 Fine for Leaving PHI in Doctor’s Driveway

While enforcement activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has focused primarily on a covered entity’s safeguard of electronic protected health information (ePHI),...more

OCR Annual Report Highlights Breaches Of Unsecured Protected Health Information

The Health Information Technology for Economic and Clinical Health Act ("HITECH") requires Covered Entities and Business Associates to provide notification of breaches of unsecured Protected Health Information. The Department...more

172 Results
|
View per page
Page: of 7