A Price Worth Paying?
Suzanne Folsom on Corporate Compliance Issues -
Sing it with me now….. FIVE GOLDEN RULES!
As public companies prepare for the New Year and the start of yet another annual reporting season, it is the perfect time to reflect on our 2013 prediction that the SEC would...more
The Office for Civil Rights (OCR) has announced a settlement between the US Department of Health and Human Services and Affinity Health Plan, Inc. to address potential violations of the Health Insurance Portability and...more
On March 22, 2013, Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) Director Leon Rodriguez presented the keynote address to attendees of the American Health Lawyers’ Association HIPAA/HITECH Conference in...more
Every day the headlines report another Fortune 500 company suffering a hacking incident. For companies, the hack itself creates substantial risks of economic devastation caused by the theft of valuable trade secrets. Add to...more
As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more
Changes to the HIPAA Breach Notification Rule -
Background: The HITECH Act required Covered Entities to notify individuals, HHS, and in some cases, the media, of a Breach of Unsecured PHI. A Business Associate is...more
Beginning this fall, employer health plans—or their business associates—will have to make more comprehensive and methodical risk assessments following the discovery of an impermissible use or disclosure of unsecured...more
The Department of Health and Human Services (HHS) issued, on January 17, 2013, its Final Omnibus Rule modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules as well as...more
This is the second installment of our series on Cyber Risk: Are you Protected? This article highlights the top ten ways to manage cyber risk, including strategies for preventing a cyber breach, creating a response plan in the...more
Rule finalizes many provisions of the proposed rule, imposing new privacy and security obligations directly on business associates and modifying the definition of "breach" and the required factors to be considered in a risk...more