On February 20, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the recission of “HHS Notice and Guidance on Gender Affirming Care, Civil Rights, and Patient Privacy” (the...more
As we noted in our previous blog here, on January 6, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking (NPRM) proposing substantial revisions...more
As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more
1/16/2025
/ Compliance ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
OIG ,
Regulatory Requirements ,
Risk Management
On March 18, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued updated guidance regarding the use of online tracking technologies by entities and business associates subject to...more
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
3/15/2024
/ Audits ,
Compliance ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Medical Records ,
NIST ,
OCR ,
SAMHSA
Introduction -
Following the Supreme Court decision in Dobbs v. Jackson Women’s Health Organization overturning Roe v. Wade, the federal government, pursuant to President Biden’s Executive Order (the EO) took several steps...more
6/13/2023
/ Abortion ,
Biden Administration ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
OCR ,
Patient Privacy Rights ,
PHI ,
Proposed Rules ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
Women's Rights
On April 11, 2023, U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced its plan for termination of the existing notifications of enforcement discretion related to the expiration of the...more
4/12/2023
/ Coronavirus/COVID-19 ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Infectious Diseases ,
OCR ,
PHI ,
Public Health Emergency ,
Telehealth ,
Telemedicine
The past several years have proven difficult for healthcare entities due to increasing cybersecurity threats, breaches and regulatory enforcement. Following these trends, on April 6, 2022, the Department of Health and Human...more
Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), the agency enforcing the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach...more
10/19/2020
/ Breach Notification Rule ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
NIST ,
OCR ,
Popular
In a recent blog post, colleagues in our Employment, Labor & Workforce Management practice addressed the legal framework pertaining to coronavirus (COVID-19) risks in the workplace. As the number of cases continues to the...more
3/4/2020
/ Best Practices ,
Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Emergency Management Plans ,
Employee Privacy Rights ,
Employer Liability Issues ,
Health and Safety ,
Infectious Diseases ,
OCR ,
PHI ,
Policies and Procedures ,
Public Health ,
Risk Management ,
Workplace Safety