The Office for Civil Rights (OCR) at the Department of Health and Human Services announced it reached a settlement with Elite Dental Associates of Dallas (Elite) to resolve a complaint alleging Elite impermissibly disclosed a...more
10/8/2019
/ Calculation of Penalties ,
Corrective Actions ,
Data Breach ,
Disclosure Requirements ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Notice of Privacy Practices ,
OCR ,
Online Reviews ,
Personally Identifiable Information ,
PHI ,
Policies and Procedures ,
Regulatory Violations ,
Settlement ,
Social Media
With all of the attention on Health Insurance Portability and Accountability Act (HIPAA) requirements to safeguard the privacy and security of a patient’s health information, covered entities sometimes overlook the HIPAA...more
9/12/2019
/ Corrective Actions ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Hospitals ,
Medical Records ,
OCR ,
Patient Rights ,
Right-To-Access ,
Settlement Agreements ,
Statutory Violations
The U.S. District Court for the District of Columbia upheld a rule that expanded the maximum length of time for short-term, limited duration insurance (STLDI). STLDI is coverage that lasts a limited period of time and is...more
Pursuant to a directive in last month’s Executive Order 13877, the Treasury Department issued guidance last week that lists particular preventive care items and services that may be covered by a high deductible health plan...more
The U.S. Departments of the Treasury, Labor, and Health and Human Services have issued final regulations allowing employers to establish health reimbursement arrangements and certain other types of reimbursement plans...more
The U.S. Department of Health and Human Services (HHS) has released proposed regulations that, if finalized, will significantly narrow the scope of the nondiscrimination requirements under Section 1557 of the Affordable Care...more
6/6/2019
/ Affordable Care Act ,
Department of Health and Human Services (HHS) ,
Employee Benefits ,
Financial Assistance Policies ,
Health Care Providers ,
Health Insurance ,
Healthcare Reform ,
Non-Discrimination Rules ,
Proposed Rules ,
Religious Freedom Restoration Act (RFRA) ,
Section 1557
The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health...more
6/5/2019
/ Business Associates ,
Corrective Actions ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Reform ,
HIPAA Breach ,
OCR ,
Risk Assessment ,
Risk Management ,
Security Standards ,
Settlement Agreements
The Office of Civil Rights of the Department of Health and Human Services (OCR) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health care...more
After a quiet winter, the Department of Health and Human Services’ Office for Civil Rights (OCR) revived with the spring, issuing a set of frequently asked questions and two recent announcements. ...more
5/13/2019
/ Disclosure Requirements ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Mobile Apps ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management
On May 6, 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an agreement with Touchstone Medical Imaging, LLC (Touchstone)...more
5/8/2019
/ Corrective Actions ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
OCR ,
Personally Identifiable Information ,
PHI ,
Security Rule ,
Security Standards ,
Settlement Agreements
The Department of Health and Human Services has announced that it is lowering the maximum amount it will assess for most types of HIPAA violations. Although the change is couched as an exercise of discretion, HHS states that...more
5/6/2019
/ Business Associates ,
Civil Monetary Penalty ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
OCR ,
PHI ,
Regulatory Violations
After announcing that its HIPAA enforcement collections had reached a new high-water mark of $28.7 million in 2018, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services has started this year...more
The U.S. District Court for the District of Columbia has set aside the most significant portions of the U.S. Department of Labor's (DOL) regulations on Association Health Plans (AHPs)....more
4/2/2019
/ Affordable Care Act ,
Association Health Plans ,
Department of Labor (DOL) ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Employer Group Health Plans ,
Health Insurance ,
Healthcare Reform ,
Regulatory Requirements ,
Set-Asides ,
Trump Administration
On February 7, 2019, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services published the resolution agreement for its final HIPAA settlement of 2018. ...more
2/15/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Electronic Medical Records ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management ,
Settlement Agreements
The Equal Employment Opportunity Commission (EEOC) has formally withdrawn the provisions in its regulations governing wellness programs under the Americans with Disabilities Act (ADA) and the Genetic Information...more
The Affordable Care Act returned to the front page this weekend when a federal district court in Texas issued an opinion striking down the entire law as unconstitutional. ...more
A relatively quiet year for HIPAA enforcement is ending with a small flourish. The Office of Civil Rights of the Department of Health and Human Services (HHS) has announced two settlements with covered entities within the...more
12/17/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Settlement Agreements
For the third consecutive year, the IRS has extended by 30 days the deadline for health plan sponsors to furnish Forms 1095-B and 1095-C to individuals....more
The IRS has followed up on its recently proposed Health Reimbursement Arrangements (HRA) regulations with guidance on some open issues. Notice 2018-88 specifically addresses the interplay between HRAs and two Internal Revenue...more
The U.S. Departments of the Treasury, Labor, and Health and Human Services have jointly issued proposed regulations that envision a broad landscape for the use of health reimbursement arrangements (HRAs) and certain other...more
The Office of Civil Rights of the Department of Health and Human Services has announced settlements with three different Boston-area hospitals for allegedly compromising the privacy of protected health information by inviting...more
9/25/2018
/ Data Breach ,
Department of Health and Human Services (HHS) ,
Entertainment Industry ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Hospitals ,
OCR ,
Personally Identifiable Information ,
PHI ,
Settlement ,
Television Programming
The U.S. Departments of the Treasury, Labor, and Health and Human Services have jointly issued final rules modifying the definition of short-term, limited-duration insurance (STLDI). STLDI provides health coverage that is...more
Imagine a breach in the privacy of protected health information. The violation of an individual’s HIPAA rights may be clear, but the individual cannot sue under HIPAA. Courts have consistently held that HIPAA provides no...more
The U.S. Department of Labor (DOL) on Tuesday released final regulations modifying the Association Health Plan (AHP) rules to expand their availability for small and large employers and to address their affordability by...more
6/25/2018
/ Affordable Care Act ,
Association Health Plans ,
Department of Labor (DOL) ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Employer Group Health Plans ,
Health Insurance ,
Healthcare Reform ,
MEWAs ,
Regulatory Reform ,
Regulatory Requirements
The Departmental Appeals Board of the Department of Health and Human Services (“Board”) has granted summary judgment against the University of Texas MD Anderson Cancer Center (“Center”) and upheld the imposition of $4.3...more
6/20/2018
/ Appeals ,
Data Breach ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Facilities ,
HIPAA Breach ,
Penalties ,
Summary Judgment