On April 12, 2023, the U.S. Department of Health & Human Services (HHS) released a Notice of Proposed Rulemaking (Proposed Rule) that seeks to enhance safeguards of reproductive health care information through changes to the...more
4/18/2023
/ Abortion ,
Biden Administration ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
New Guidance ,
Patient Access ,
Patient Privacy Rights ,
PHI ,
Pregnancy ,
Reproductive Healthcare Issues ,
SCOTUS ,
Women's Rights
On April 12, 2023, the U.S. Department of Health & Human Services (HHS) released a Notice of Proposed Rulemaking (Proposed Rule) that seeks to enhance safeguards of reproductive health care information through changes to the...more
4/17/2023
/ Abortion ,
Biden Administration ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
NPRM ,
Patient Privacy Rights ,
PHI ,
Pregnancy ,
Proposed Rules ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
SCOTUS ,
Women's Rights
On December 10, 2020, the U.S. Department of Health and Human Services (HHS) announced proposed changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, which is one of several rules that...more
On June 12, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued timely HIPAA guidance (Guidance) regarding solicitations of blood and plasma donations from recovered COVID-19 patients....more
On March 24, 2020, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) issued new HIPAA guidance to help providers and first responders in efforts to combat the COVID-19 pandemic....more
On February 3, 2020, the U.S. Department of Health and Human Services (HHS) issued a bulletin (the Bulletin) to remind covered entities and business associates of how patient information may be shared under HIPAA in the event...more
2/10/2020
/ Business Associates ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Disclosure ,
Electronic Medical Records ,
Emergency Management Plans ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Infectious Diseases ,
New Guidance ,
Patient Privacy Rights ,
PHI ,
Popular
On January 27, 2020, the Department of Justice (DOJ) announced a $145 million settlement with Practice Fusion Inc., an electronic health records (EHR) software company, that resolves parallel criminal and civil investigations...more
1/31/2020
/ Anti-Kickback Statute ,
Criminal Prosecution ,
Deferred Prosecution Agreements ,
Department of Justice (DOJ) ,
EHR ,
Electronic Medical Records ,
Enforcement Actions ,
Failure to Comply ,
False Claims Act (FCA) ,
Fines ,
Forfeiture ,
Health Care Providers ,
Opioid ,
Patients ,
Pharmaceutical Industry ,
PHI ,
Prescription Drugs
It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more
12/23/2019
/ Biometric Information ,
Clinical Laboratories ,
Connected Cars ,
Connected Items ,
Criminal Conspiracy ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Extradition ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Settlement
On December 12, 2019, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced its second “HIPAA Right of Access Initiative” settlement of alleged HIPAA violations....more
On November 27, 2019 the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a $2.175 million dollar settlement with a hospital system to resolve alleged violations of HIPAA’s Breach...more
12/4/2019
/ Billing ,
Breach Notification Rule ,
Corrective Actions ,
Data Breach ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Privacy Rule ,
Hospitals ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management ,
Settlement
On September 9, 2019, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had settled its first ever HIPAA enforcement action arising from alleged violations of the individual...more
9/11/2019
/ Corrective Actions ,
Data Management ,
Electronic Medical Records ,
Enforcement Actions ,
Failure to Comply ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
OCR ,
Personally Identifiable Information ,
PHI ,
Regulatory Standards ,
Regulatory Violations ,
Right of Access
On September 9, 2019, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had settled its first ever HIPAA enforcement action arising from alleged violations of the individual...more
In a development that may – understandably – have been overlooked by many heading into Memorial Day weekend, on May 24, 2019, the Health and Human Service’s (HHS) Office for Civil Rights (OCR) issued a Fact Sheet on Direct...more
On April 26, 2019, the U.S. Department of Health and Human Services (HHS) issued a Notification of Enforcement Discretion (Notice) regarding imposition of Civil Money Penalties (CMPs) under HIPAA. ...more
4/30/2019
/ Civil Monetary Penalty ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HITECH Act ,
Personally Identifiable Information ,
PHI ,
Security Standards
On April 18, 2019, the Department of Health & Human Services Office for Civil Rights (OCR) issued five new FAQs addressing the applicability of HIPAA to the use of software applications (apps) by individuals to receive health...more
According to reports, a Georgia-based physician who previously pleaded guilty to criminal violations of the Health Insurance Portability and Accountability Act (HIPAA) received six months of probation from a Massachusetts...more
On December 14, 2018 the Department of Health & Human Services Office for Civil Rights (OCR) published a Request for Information (RFI) soliciting public input on updates to regulations promulgated under the Health Insurance...more
12/19/2018
/ Comment Period ,
Covered Entities ,
Deregulation ,
Electronic Health Record Incentives ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Reform ,
OCR ,
PHI ,
Regulatory Agenda ,
Regulatory Burden ,
Request For Information ,
Value-Based Care
On November 2, 2018, the New Jersey Attorney General announced a settlement worth up to $200,000 with a former medical transcription company responsible for a breach affecting medical records of up to 1,654 patients of a New...more
In late August, the Attorney General of the State of New York announced a $200,000 settlement with a New York-based non-profit organization that provides services to developmentally disabled individuals and their families...more
On July 9, 2018, Cass Regional Medical Center (CRMC) in Harrisonville, Missouri was hit with a ransomware attack that led to a complete shutdown of its electronic health record (EHR) and the diversion of trauma and stroke...more
Bezop Cryptocurrency Investors’ Personal Information Exposed -
Kromtech Security has reported that the sensitive personal information of more than 25,000 investors of Bezop cryptocurrency was exposed when a MongoDB...more
5/4/2018
/ Cryptocurrency ,
Cybersecurity ,
Data Breach ,
Digital Currency ,
Drones ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Hospitality Industry ,
PHI ,
Smart Devices ,
Unmanned Aircraft Systems ,
Virtual Currency
“Orangeworm” Targeting Health Care Industry -
In what is being called a systematic targeting of large health care organizations, pharmaceutical companies, and IT companies and equipment manufacturers that service the...more
4/27/2018
/ Blue Shield ,
Criminal Investigations ,
Cyber Attacks ,
Cyber Insurance ,
Data Breach ,
Digital Currency ,
Drones ,
Enforcement Actions ,
Extraterritoriality Rules ,
Hackers ,
Health Care Providers ,
Healthcare ,
Medical Devices ,
Personal Data ,
PHI ,
Risk Management ,
Scams ,
September 11th Victim Compensation Fund ,
SunTrust ,
Unmanned Aircraft Systems ,
US v Microsoft ,
Virtual Currency
U.S. Estimates that Cyber Hacks Cost Up to $109 Billion in 20 -
The Council for Economic Advisors (CEA) issued a report this month, entitled “The Cost of Malicious Cyber Activity to the U.S. Economy,” which concludes that...more
2/26/2018
/ Banking Sector ,
Bitcoin ,
Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Digital Currency ,
Disclosure Requirements ,
Drones ,
Federal Agency Taskforce ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Malware ,
OCR ,
PHI ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
TCPA ,
Virtual Currency
On February 13, 2018, the HHS Office for Civil Rights (OCR) announced a $100,000 settlement with a court-appointed receiver representing Filefax, Inc. (Filefax) arising from the 2015 discovery of medical records that...more
The Centers for Medicare & Medicaid Services (CMS) recently issued guidance intended to help clinicians eligible for the Merit-based Incentive Payment System (MIPS) navigate an attestation required thereunder concerning the...more
11/6/2017
/ Alternative Payment Models (APM) ,
CEHRT ,
Centers for Medicare & Medicaid Services (CMS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare Access and CHIP Reauthorization (MACRA) ,
MIPS ,
PHI ,
Physician Medicare Reimbursements ,
Quality Payment Program (QPP)