News & Analysis as of

Protected Health Information Health Insurance Portability and Accountability Act

A Little Help From HIPAA

by McGuireWoods LLP on

HIPAA’s Security Rule requires that Covered Entities perform “periodic” Security Risk Assessments. All too often, however, this regulatory obligation is ignored altogether, performed extremely sporadically, or treated as a...more

HHS Issues Limited Waiver of HIPAA Sanctions Post-Hurricane Harvey

The U.S. Department of Health and Human Services (HHS) has used its authority to waive certain provisions of HIPAA in response to Hurricane Harvey. HHS previously declared a public health emergency in Texas and Louisiana...more

CAS Legal Mailbag Question of the Week - September, 2017

by Shipman & Goodwin LLP on

Dear Legal Mailbag: Does HIPAA permit a physician or covered entity to release physical exam results to the school nurse, without prior authorization, for the purposes of permitting a student to participate in school...more

HHS Issues Limited Waiver of HIPAA Sanctions Post-Hurricane Harvey

The U.S. Department of Health and Human Services (HHS) has used its authority to waive certain provisions of HIPAA in response to Hurricane Harvey. HHS previously declared a public health emergency in Texas and Louisiana...more

Failing To Update Compliance Plans May Be Costly

by Roetzel & Andress on

If you are a provider of healthcare services, you need a compliance plan. A compliance plan is a written document that details your practice’s policies, procedures, and operations. While many providers are aware of the...more

Hurricane Harvey, HIPAA, and Access to Health Information

Hurricane Harvey has been pummeling the Gulf Coast since Monday, with nearly 52 inches of rainfall in parts of Texas. The storm has displaced thousands of people from their homes and has resulted in over 30 reported deaths....more

Health Care Companies Find Direction to Combat Cybersecurity Threats

by Burr & Forman on

More than 27 million patient records were affected by health care data breaches in 2016, according to a health care cybersecurity company. The cost associated with these breaches is staggering: an estimated $355 per stolen...more

Healthcare Legal News: Volume 7, Number 2

by Dickinson Wright on

Where is your PHI Data Traveling Today? With most vendors offering and pushing cloud computing solutions and offsite data backup, or guaranteeing offsite backup of data they process for you, many HIPAA covered entities and...more

Where is your PHI Data Traveling Today?

by Dickinson Wright on

With most vendors offering and pushing cloud computing solutions and offsite data backup, or guaranteeing offsite backup of data they process for you, many HIPAA covered entities and business associates are questioning...more

Recent HHS Activity Following International Cyber Attacks

by Steptoe & Johnson PLLC on

Following recent international cyber attacks, the U.S. Department of Health and Human Services (HHS) has issued warnings to healthcare organizations, provided a cyber attack checklist, and launched its revised HIPAA Breach...more

Recent Events Increase the Importance of HIPAA Risk Analyses and HIPAA Policies

Recent events highlight the fact that threats to customer and patient data continue to increase. In recent months, government agencies, news outlets, and others have spent considerable time investigating and reporting on...more

Another Key to HIPAA Compliance – Have Policies and Procedures and Implement Them, Too

by Williams Mullen on

On this blog, we have discussed the criticality of risk analyses – the assessment required by the Security Rule of the “risks and vulnerabilities” that an organization faces with respect to all of its electronic protected...more

Attempting To Avoid The High Cost Of A Reported HIPAA Breach

by Dickinson Wright on

Preventing unintended or unauthorized disclosure of protected health information is an ever-present goal of all covered entities and business associates. However, protective firewalls and electronic data security measures are...more

What is the HIPAA Complaint Process?

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) is responsible for enforcing the HIPAA Privacy and Security Rules. Any person who believes that a covered entity or business associate is not...more

Health Care E-Note - July 2017

by Burr & Forman on

Everywhere you look these days, there seems to be another report of a cyberattack -- attacks which do not discriminate based on industry type, size of business, or impact. In other words, everyone is vulnerable. In fact, the...more

Unencrypted Backup Drive of 531 EEG Patients Lost

Baptist Medical Center South, located in Jacksonville, Florida has admitted that one of its backup drives has been missing since May 18, 2017. The unencrypted backup drive contained the protected health information of 531...more

Hixon: Medical records and privacy

by GableGotwals on

Many people mistakenly believe that their medical files maintained by their physicians are 100 percent private. However, there are legal scenarios in which those files are under subpoena and that require physicians to comply...more

HIPAA in the Age of Ransomware

According to a recent US Government Interagency report, ransomware is the fastest growing malware threat, targeting users of all types, including health care facilities. This past spring, for example, the WannaCry ransomware...more

Princeton Community Hospital Replaces Computer Network After Petya Attack

Numerous hospitals were victims to last week’s (aka NotPetya) ransomware attack. But one hospital—Princeton Community Hospital in West Virginia–has admitted that it is going to replace its entire computer network after Petya...more

When Health Data Goes Missing: Largest Reported Ransomware Attack

In the aftermath of two powerful global ransomware attacks, a Michigan-based medical equipment provider has disclosed that hackers “encrypted our data files” and accessed more than 500,000 patient records in what is believed...more

HHS Releases Health Care Industry Cybersecurity Task Force Report

Last week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task...more

New York State Enforces Data Breach Notification Law

Earlier this month, New York Attorney General Eric Schneiderman announced his state had entered into a settlement with CoPilot Provider Support Services, Inc. (CoPilot)—a settlement resulting from CoPilot’s violation of the...more

Data Breaches Most Expensive For Health Care Industry But Precautionary Measures Can Keep Costs Down

by Murtha Cullina on

Data breaches have become commonplace in every industry. In health care, however, it costs much more to respond to a data breach than in all other industries in this country, according to the results of a recent IBM-sponsored...more

Increased Focus on Health Care Cybersecurity: HHS Releases Long-Awaited Report and Cyber Attack Quick-Response Checklist

by McGuireWoods LLP on

The U.S. Department of Health & Human Services (HHS) issued a recent report noting that cybersecurity is a key public health concern that needs “immediate and aggressive attention.” Shortly thereafter, HHS’ Office for Civil...more

Reimbursement Manager Pleads Guilty for Prior Authorization Process Issues

by Bass, Berry & Sims PLC on

On Monday, June 19, 2017, Elizabeth Gurrieri became the second former employee of Insys Therapeutics (Insys) to plead guilty to federal anti-kickback charges related to the drug Subsys, an expensive fentanyl-based painkiller....more

808 Results
|
View per page
Page: of 33
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.