News & Analysis as of

Federal agencies propose health IT regulatory framework, seek stakeholder input and participation in new initiatives

A little more than five years after the passage of the Health Information Technology Economic and Clinical Health (HITECH) Act, the Food and Drug Administration, Federal Communications Commission and the Office of the...more

Self-pay Confidentiality Rights: How Far Do Those Rights Go?

The HIPAA Privacy Rule has always provided an individual patient the right to request special, confidential treatment of his or her protected health information (PHI). That right is not absolute, however. Covered entities...more

Health Update

Ten Years In: Charting the Progress of Health Information Exchange in the U.S. - HITECH: Federal Dollars Spur Adoption and Use: The modern era of HIE-related public policy began in May 2004 with the appointment...more

How To Analyze A HIPAA Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) and subsequent regulations have changed several aspects of compliance with HIPAA, including the way covered entities should think about...more

Protect Your Blindside: Identify All HIPAA Business Associates/Subcontractors

Under the recently enacted Health Information Technology for Economic and Clinical Health (HITECH) Act, and implementing regulations, the definition of the HIPAA term "Business Associate" has been expanded. A "Business...more

Dermatology Practice Agrees to Settlement in Connection with HIPAA Breach

A Massachusetts-based dermatology practice recently agreed to pay $150,000 to settle claims that it failed to have sufficient policies and procedures in place to address a breach notification requirement under the HITECH Act....more

HHS Announces First HIPAA Settlement Based on Lack of Breach Notification Policies and Procedures

The Department of Health and Human Services (HHS) recently announced the first settlement under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) based on violations of the law's privacy, security,...more

Settlement Reached Regarding Dermatology Practice’s HIPAA Violation

Adult and Pediatric Dermatology (A&P Dermatology) of Concord, Massachusetts has entered into a resolution agreement with the Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance...more

Providers: Prepare Your Breach Notification Policy!

On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and...more

HHS Gives A Thumbs Down For Stolen Thumb Drive

On December 26, 2013, the U.S. Department of Health and Human Services Office for Civil Rights (HHS) announced that it had reached an agreement with a Northeastern dermatology practice to settle potential HIPAA violations...more

HHS Closes Out 2013 with 6th Resolution Agreement

Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs....more

HHS Delays NPP Amendment Requirement for Laboratories Regulated Under CLIA

Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus...more

Beware Of That Leased Photocopier: The PHI You Didn't Know You Had

You might be rejoicing at the thought of returning your old worn down leased photocopier and replacing it with the latest state of the art improvement in photocopier technology. But, little did you know that your old...more

Cloud Computing: Healthcare Issues in a Digital Age – (Part Two)

Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more

Hearing to Address HIPAA Accounting of Disclosures

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

HIPAA Omnibus Rule Compliance Deadline

September 23, 2013, the deadline for compliance with the new Health Insurance Portability and Accountability Act (HIPAA) regulations, is here. Although there has been much discussion about the new regulations since they were...more

Cloud Computing: Healthcare Issues in a Digital Age – (Part Three)

What are the challenges of PII data storage and privacy on cloud computing platforms? How does a healthcare organization work with cloud computing vendors to address key information security and privacy compliance issues? ...more

It's Never Too Late To Give Guidance: OCR Starts Releasing HIPAA Omnibus Rule Guidance In Anticipation Of September 23 Compliance...

This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more

Cloud Computing: Healthcare Issues in a Digital Age – (Part One)

Cloud computing has garnered attention in the healthcare industry as a primary way to achieve electronic medical records compliance while reducing IT costs. Cloud computing is all about DATA in a virtual work. With cloud...more

HHS To Revamp Limits On Payments To Pharmacies For Refill Reminder Programs

The HIPAA Privacy Regulations have long required covered entities to seek a patient authorization in order to use or disclose protected health information ("PHI") for marketing purposes. However, the Office for Civil Rights...more

Ready For HITECH Changes On September 23, 2013? Find Out With This Compliance Checklist For Employer-Sponsored Health Plans

The final regulations implementing the Health Information Technology for Economic and Clinical Health (HITECH) Act were issued in January and compliance is required by September 23, 2013. The final regulations require covered...more

Polsinelli Releases A HIPAA Business Associate Guide

In 2009, the Health Information Technology for Economic and Clinical Health Act ("HITECH") modified a number of provisions of the Health Insurance Portability and Accountability Act ("HIPAA") to strengthen HIPAA's privacy and...more

New HIPAA Deadline Around the Corner: Be Prepared!

Don’t look now, but another HIPAA deadline is just around the corner. As we noted last month, the deadline is looming for employer-sponsored health benefit plans to come into compliance with U.S. Department of Health...more

Checklist for Covered Entities and Business Associates

As the countdown to the compliance deadline for the Health Information Technology for Economic and Clinical Health (HITECH) Act Omnibus Rule begins, we offer the following as a reminder of tasks that covered entities,...more

U.S. Department of Health and Human Services Imposes $1.2 Million Penalty For Protected Health Information Breach Involving Leased...

Covered entities should examine their procedures to evaluate and safeguard protected health information (“PHI”) that may be stored on leased photocopiers and other office equipment. Under a settlement with the U.S. Department...more

130 Results
|
View per page
Page: of 6