The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more
12/5/2024
/ Audits ,
Business Associates ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Audits ,
OCR ,
OIG ,
Privacy Laws
The HIPAA Privacy Rule has been amended to provide greater protections for protected health information (PHI) related to reproductive health care. Covered entities and business associates should familiarize themselves with...more
Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks.
In October, for the first time, the U.S....more
12/6/2023
/ Best Practices ,
Business Associates ,
Cyber Incident Reporting ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Risk Management ,
Settlement
Health care providers should evaluate their use of “tracking technologies” on their websites and mobile applications (apps) for compliance with HIPAA. On December 1, 2022, the Office for Civil Rights (OCR) issued a bulletin...more
4/6/2023
/ Data Privacy ,
Data Security ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Apps ,
OCR ,
PHI ,
Risk Management ,
Technology ,
Third-Party ,
Tracking Systems ,
Web Tracking ,
Websites
On Jan. 13, the U.S. Supreme Court issued rulings that impact two important aspects of the Biden Administration’s efforts to combat the COVID-19 pandemic.
...more
1/14/2022
/ Biden Administration ,
Biden v Missouri ,
Centers for Medicare & Medicaid Services (CMS) ,
Constitutional Challenges ,
Coronavirus/COVID-19 ,
Department of Labor (DOL) ,
Employer Liability Issues ,
Employer Mandates ,
Healthcare Workers ,
Infectious Diseases ,
Lack of Authority ,
National Federation of Independent Business v Department of Labor and OSHA ,
OSHA ,
SCOTUS ,
Stays ,
Vaccinations ,
Virus Testing ,
Workplace Safety
The Department of Labor’s Occupational Safety and Health Administration (OSHA) recently issued a COVID-19 Emergency Temporary Standard (ETS) for the healthcare industry. The new standard focuses on protecting healthcare...more
6/15/2021
/ Assisted Living Facilities (ALFs) ,
Compliance ,
Coronavirus/COVID-19 ,
Employees ,
Exemptions ,
First Responders ,
Healthcare ,
Healthcare Workers ,
Home Health Care ,
Hospitals ,
Non-Exempt Employees ,
Nursing Homes ,
OSHA ,
Safety Standards ,
Vaccinations
Recent enforcement actions by the Office for Civil Rights (OCR) underscore the importance of providing patients with copies of their protected health information (PHI) as required by HIPAA. Failure to provide access exposes...more
9/17/2020
/ Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Investigations ,
Medical Records ,
OCR ,
Patient Privacy Rights ,
Patients ,
Personally Identifiable Information ,
PHI ,
Right-To-Access
Over the past months, my experiences with physician practices have made me realize that many practices do not understand how HIPAA applies to subpoenas for medical records. More worrisome, I suspect that many practices...more