Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus...more
Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more
Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more
The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more
Nearly one year after a Massachusetts provider paid $1.5 million to settle potential HIPAA violations for the theft of an unencrypted laptop containing protected health information (PHI), providers are reminded once again of...more
September 23, 2013, the deadline for compliance with the new Health Insurance Portability and Accountability Act (HIPAA) regulations, is here. Although there has been much discussion about the new regulations since they were...more
This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more
Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule.
In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape.
Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more
September 23rd is the HIPAA Omnibus Rule compliance deadline. The Rule expands the definition of Business Associates (BAs). Are you prepared?
Incorrect determinations lead to increased risk and potential liability for...more
On September 11, 2013, HHS stated in a joint motion filed in the case of Adheris, Inc. v. Sebelius, No. 1:13-cv-1342 (D.D.C.), that it plans to issue guidance on a HIPAA regulation related to prescription drug refill...more
On September 23, 2013, Covered Entities and Business Associates must be compliant with the final Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule (the “HIPAA Final Rule”). The HIPAA Final Rule modified...more
The HIPAA Privacy Regulations have long required covered entities to seek a patient authorization in order to use or disclose protected health information ("PHI") for marketing purposes. However, the Office for Civil Rights...more
The September 23, 2013 deadline for covered entities, business associates and their subcontractors to implement the new HIPAA rules is approaching quickly. In case you missed it, on January 25, 2013, the U.S. Department of...more
The new HIPAA regulations become effective on September 23, 2013. Many health care providers have been focused on revising business associate agreements and getting them signed up. Keep in mind that new business associate...more
HIPAA Final Regulations -
In January of this year, the Department of Health and Human Services issued final regulations (also referred to as the “Omnibus Rule”) that include changes to the privacy, security and breach...more
Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule....more
Although the HIPAA Omnibus Final Rule's expansion of business associate liability could create difficulties for healthcare providers and other covered entities seeking to negotiate business associate agreements with vendors...more
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) published the long-awaited HIPAA final omnibus rule (Final Rule)....more
Prosecutors are a fun bunch and they love their jobs and their mission – to prosecute law-breakers for violating the law. ...more
A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more
The long awaited HIPAA/HITECH Final Rule became effective March 26, 2013, but covered entities, business associates and subcontractors will have until September 23, 2013, to fully comply.
On January 17, 2013, the Office for Civil Rights (‘‘OCR’’) of the U.S. Department of Health and Human Services (‘‘HHS’’) published the HIPAA Omnibus Final Rule (‘‘Final Rule’’) which OCR has trumpeted as carrying ‘‘the most...more
If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more
With the recent issuance of the long-awaited final rule by the Department of Health and Human Services ("HHS"), the protection of patient information has been a hot topic among the health care industry the past few months....more