Risk Assessment Business Associates

News & Analysis as of

OCR Stresses Importance of Authentication in Newsletter

In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

Latest OCR HIPAA Settlement Provides Lessons for Covered Entities

Capping off a busy month of HIPAA settlements, on August 4, the Office for Civil Rights (“OCR”) announced a $5.55 million settlement with Advocate Health Care Network (“Advocate”), the largest fully-integrated healthcare...more

Client Alert: The Government Enters into Largest HIPAA Settlement to Date; What HIPAA Covered Entities and Business Associates...

Advocate Health Care Network, which operates 12 hospitals and more than 200 other treatment centers in Chicago and central Illinois, has agreed to the largest settlement to date with the Office for Civil Rights (“OCR”) for...more

OCR Releases Updated HIPAA Audit Protocol and Business Associate Listing Template

The Office of Civil Rights (OCR) recently updated the audit protocol that it will be using to assess Covered Entities’ and Business Associate’s compliance with the Health Insurance Portability and Accountability Act (HIPAA)...more

Health Care and Long-Term Care News Groups: The HIPAA Phase 2 Audits Have Arrived

The Department of Health and Human Services Office of Civil Rights (OCR) has commenced the long-anticipated HIPAA phase 2 audits, and with it may come an uptick in HIPAA enforcement efforts. All providers and business...more

Next Phase of HHS Office for Civil Rights HIPAA Audits

On March 21, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that it has begun its phase 2 Health Insurance Portability and Accountability Act (“HIPAA”) audit program. In...more

Phase 2 of HIPAA Compliance Audits Now Underway

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (DHHS) recently announced that it has initiated Phase 2 of its audit program to assess Covered Entities’ and Business Associate’s...more

Pay Attention to Business Associate Agreements!

For our HIPAA-covered entity readers, we have asked these questions before: Have you taken a business associate inventory? Have you undertaken a comprehensive risk assessment as required by HIPAA?...more

Don’t Neglect Your Business Associate Agreements!

As we have repeatedly emphasized on this blog, HIPAA Covered Entities must ensure that they have compliant business associate agreements (“BAAs”) in place with all of their business associates and must ensure that they have...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

Office for Civil Rights Selects Vendor for Next Round of HIPAA Audits – Five Things You Should Do to Prepare

The Office for Civil Rights (“OCR”) has selected Ashburn, Virginia-based FCi Federal to conduct the next round of HIPAA audits mandated by the HITECH Act. OCR views the audits as a compliance tool that will hopefully get out...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Legal Alert: Final HIPAA Regulations Released: Time To Review Your HIPAA Policies?

The U.S. Department of Health and Human Services ("HHS") recently released long-awaited final HIPAA Regulations. The new regulations finalize many changes previously proposed to the Privacy, Security, and Enforcement Rules,...more

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Changes to the HIPAA Breach Notification Rule - Background: The HITECH Act required Covered Entities to notify individuals, HHS, and in some cases, the media, of a Breach of Unsecured PHI. A Business Associate is...more

Health Law Update - What Covered Entities and Business Associates Need to do to Prepare for the New HIPAA/HITECH Requirements

The U.S. Department of Health and Human Services (HHS) issued, on January 17, 2013, its final omnibus rule modifying the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security rules as well...more

What Covered Entities and Business Associates Need to Do to Prepare for the New HIPAA/HITECH Requirements (Part II)

There has been a lot of discussion about the impact of Final Omnibus Rule modifying the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules as well as the breach notification rules...more

What Covered Entities and Business Associates Need to Do to Prepare for the New HIPAA/HITECH Requirements (Part I)

The Department of Health and Human Services (HHS) issued, on January 17, 2013, its Final Omnibus Rule modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules as well as...more

HHS Releases HIPAA/HITECH Omnibus Final Rule

Rule finalizes many provisions of the proposed rule, imposing new privacy and security obligations directly on business associates and modifying the definition of "breach" and the required factors to be considered in a risk...more

23 Results
|
View per page
Page: of 1
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×