Covered Entities

News & Analysis as of

OCR Enforcement of HIPAA Affects Entities of all Sizes Small Pharmacy Enters into Latest Settlement

U.S. Department of Health and Human Services (HHS) announced late last week that Cornell Prescription Pharmacy (Cornell) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996...more

OCR Announces Another HIPAA Settlement and Warns Not to Forget About Paper Records

On April 27, 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy (“Cornell Pharmacy”) had entered into a resolution agreement to settle,...more

2015 Phase Two HIPAA Audits – Delayed Again

Recently, the Director of the Department of Health and Human Services Office for Civil Rights (“OCR”) confirmed that OCR is still working to finalize the procedures for “Phase Two” HIPAA audits. OCR had initially planned to...more

HIPAA Rules and Procedures in the Event of a Data Breach, Part Two

My last post focused on the discovery and investigation of a data security breach to determine if breach notification is needed. Today’s post now turns to the requirements of breach notification triggered by a data security...more

HHS Settlement: Dumpster-Diving Leads to Settlement for Improper Disposal of Documents Containing Protected Health Information

The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it has reached an agreement with a small pharmacy to resolve potential HIPAA violations. The settlement arose from the...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Cloud Storage Provider?

This week, the HIPAA FAQ series continues with another topic about business associate agreements (BAAs). As most Covered Entities and Business Associates know, in the event that a Covered Entity utilizes a service provider...more

Friendship, Commerce and Navigation Treaties and Title VII

On April 15, 2015, former employee Steven Heldt sued Tata Consultancy Services, Ltd. in United States District Court for the Northern District of California for discrimination. Tata is multinational corporation headquartered...more

EEOC Issues Proposed Wellness Program Amendments to ADA Regulations

On April 16, 2015, the Equal Employment Opportunity Commission (“EEOC”) released its highly anticipated proposed regulations (to be published in the Federal Register on April 20, 2015, for notice and comment) setting forth...more

Should You Sharpen Your Diversity Policies & Practices under Dodd-Frank Mandates?

The much-publicized Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 became effective on August 12, 2011. Section 342 of the Dodd-Frank Act, requiring the implementation of diversity practices for both...more

Open Internet Order Published and to Become Effective on June 12, 2015—Numerous New Appeals Expected

The FCC’s Open Internet Order (the “Order”) was published in the Federal Register today, Monday, April 13, and, unless the Order is stayed, will become effective after sixty days, on June 12, 2015. Publication in the Federal...more

Health Plan Lawsuits and Data Breach Claims: Recent Developments and Implications

Five class action lawsuits have been filed against Premera Blue Cross in federal court in Seattle, Washington following the recent report of a data breach that affected approximately 11 million individuals. The lawsuits make...more

The Elaborate Guessing Game: The CFPB and Its Authority Under the UDAAP

Since its inception in July of 2011, the Consumer Financial Protection Bureau (CFPB), in the process of enforcing numerous laws under the Dodd-Frank Act, has focused primarily on "Unfair, Deceptive, or Abusive Acts and...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Mail Carrier?

This week, the HIPAA FAQ series continues with a topic about business associate agreements (BAAs). Most Covered Entities and Business Associates are familiar with general BAA obligations. ...more

HRSA Moving Ahead on 340B Program Enforcement Rule, Including Manufacturer CMPs for Overcharges to 340B Entities

The Health Resources and Services Administration (HRSA) is seeking White House review of its proposed rule to implement new Affordable Care Act 340B drug discount program enforcement authorities and pricing policies. More...more

Pharmacies: Watch Out for Future HHS Crackdowns on Security Rule Violations

As we all know by now, HIPAA required the Secretary of the U.S. Department of Health and Human Services (HHS) to adopt regulations protecting the privacy of "protected health information" (PHI). HHS responded to that...more

Blog: HIPAA FAQ Series: Does HIPAA Permit Communications via E-mail with PHI Subjects?

Last week, we introduced a new series to this blog that will cover frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). This week, the series continues by delving into a hot...more

Locke Lord QuickStudy: Montana and Wyoming Update Data Breach Laws

Montana and Wyoming have recently revised their data breach notification laws including their definitions of what constitutes Personally Identifiable Information (PII) subject to breach notification. ...more

OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014

With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

Blog: HIPAA FAQ Series: Are Covered Entities Liable for Business Associates’ HIPAA Violations?

This post marks the beginning of a new series on this blog covering various frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). ...more

President Obama’s Proposed Privacy Bill of Rights - Part 5: Accountability

This week we have brought you a multi-part series analyzing the Obama administration’s proposed Consumer Privacy Bill of Rights (“CPBR” or “proposal”), which would require greater transparency by businesses in their privacy...more

White House Releases Draft Privacy Bill

The White House released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015. The Act is intended to establish baseline privacy protections for individuals in industries which are not currently regulated at...more

President Obama’s Proposed Privacy Bill of Rights - Part 4: Data Security

On Friday, Feb. 27, the Obama administration unveiled a proposed Consumer Privacy Bill of Rights that would require “covered entities” to be more transparent in privacy practices, and provide individuals certain rights aimed...more

President Obama’s Proposed Privacy Bill of Rights - Part 3: Who’s Covered

This week we have brought you a multi-part series analyzing the Obama administration’s proposed Consumer Privacy Bill of Rights, which would require greater transparency by businesses in their privacy practices, and grant...more

President Obama’s Proposed Privacy Bill of Rights - Part 2: Notice, Consumer Control, and Context

Part 2: Notice, Consumer Control, and Context - Yesterday we brought you the first part in DWT’s series analyzing the Obama Administration’s proposed Consumer Privacy Bill of Rights, which would require greater...more

205 Results
|
View per page
Page: of 9

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×