As healthcare technology continues to evolve, so does the need for robust compliance strategies to safeguard patient information and ensure the integrity of medical devices. In a joint September 19, 2024 presentation, the...more
9/20/2024
/ Artificial Intelligence ,
Cyber Crimes ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Employee Training ,
Health Technology ,
Healthcare ,
Medical Devices ,
PHI ,
Popular ,
Risk Assessment
The Massachusetts Attorney General’s Office (AGO) issued an announcement last week to inform consumers who may have had their personal information breached in Change Healthcare’s cyberattack this past February. The AGO was...more
The FTC has updated its HBNR to clarify that the rule also restricts marketing practices involving personal health information. This update to the HBNR was announced on April 26, 2024, and follows several recent enforcement...more
4/29/2024
/ Breach Notification Rule ,
Data Breach ,
Data Privacy ,
Data Protection ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
PHI ,
Regulatory Agenda ,
Regulatory Reform ,
Technology
The Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the...more
5/15/2023
/ Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HITECH Act ,
New Guidance ,
OCR ,
PHI ,
Public Health Emergency ,
Telehealth ,
Telemedicine
On December 1, 2022, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services issued a bulletin to highlight the obligations of Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more
On September 30, 2021, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR)issued guidance to help the public understand when the Health Insurance Portability and Accountability Act of 1996...more
10/4/2021
/ Americans with Disabilities Act (ADA) ,
Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Mine Safety and Health Administration (MSHA) ,
New Guidance ,
OCR ,
OSHA ,
PHI ,
Privacy Rule ,
Vaccinations ,
Workplace Safety
Halloween or HIPAA: Which is Scarier?
HIPAA and the Pandemic -
Telehealth:
- On Friday, March 20, 2020, OCR announced it will “exercise its enforcement discretion and will not impose penalties for noncompliance with...more
10/29/2020
/ Breach Notification Rule ,
California Consumer Privacy Act (CCPA) ,
Centers for Medicare & Medicaid Services (CMS) ,
Coronavirus/COVID-19 ,
Disclosure ,
First Responders ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Hospitals ,
New Guidance ,
Notification Requirements ,
OCR ,
Patient Access ,
Patients ,
PHI ,
SAMHSA ,
Telehealth ,
Virus Testing
With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more
9/28/2020
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Security Rule ,
OCR ,
Personally Identifiable Information ,
PHI ,
Settlement Agreements
On March 24, 2020, the Office for Civil Rights (OCR) at the Department of Health and Human Services issued guidance on how HIPAA covered entities may disclose protected health information (PHI) about an individual who has...more
For the first time in over a decade, the U.S. Department of Education (DoE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (OCR) have released updated joint guidance addressing the...more
12/23/2019
/ Colleges ,
Consent ,
Department of Education ,
Department of Health and Human Services (HHS) ,
Educational Institutions ,
FERPA ,
Health Care Providers ,
HIPAA Privacy Rule ,
New Guidance ,
OCR ,
PHI ,
Student Privacy ,
Student Records ,
Students ,
Universities ,
Written Consent
Physicians Talking With Their Domestic Partners About Patients -
? Health care institutions often require that physicians and medical students click through annual online modules or attend lectures about HIPAA.
- But...more
11/4/2019
/ California Consumer Privacy Act (CCPA) ,
Centers for Medicare & Medicaid Services (CMS) ,
Cybersecurity ,
Data Collection ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
New Rules ,
Patient Privacy Rights ,
PHI ,
SAMHSA
As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more
Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more
We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc.
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more
2/24/2015
/ Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Electronically Stored Information ,
Encryption ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
PHI
On January 18, 2013, nearly four years after the passage of the HITECH Act and its amendments to HIPAA, and nearly three years after it proposed regulatory amendments, the U.S. Department of Health and Human Services (“HHS”)...more