In a narrow but significant ruling in American Hospital Association et al. v. Xavier Becerra, et al., No. 4:23-cv-01110-P, the U.S. District Court for the Northern District of Texas (Hon. Mark T. Pittman) ruled that one...more
The U.S. Department of Health and Human Services (“HHS”), and Office for Civil Rights (“OCR”) issued a “Final Rule,” HIPAA Privacy Rule to Support Reproductive Health Care Privacy, which was published in the Federal...more
5/14/2024
/ Data Privacy ,
Department of Health and Human Services (HHS) ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
OCR ,
Patient Privacy Rights ,
PHI ,
Popular ,
Reproductive Healthcare Issues
On February 8, 2024, the U.S. Department of Health and Human Services, through its Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), released final rule (Final Rule)...more
2/15/2024
/ CARES Act ,
Department of Health and Human Services (HHS) ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
Medical Records ,
OCR ,
Patient Rights ,
Policies and Procedures ,
SAMHSA ,
Substance Abuse
The continued proliferation of tracking technologies has created a landscape of increased exposure for entities serving individuals online. As individuals are increasingly interacting with healthcare services providers...more
On January 5, 2020, President Trump signed into law H.R. 7898. This new statute amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require the Department of Health and Human Services...more
On December 10, 2020, the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Health Insurance Portability and Accountability Act (HIPAA)...more
The CISA, FBI and HHS have issued an alert (https://us-cert.cisa.gov/ncas/alerts/aa20-302a) regarding an imminent threat to hospitals and health care providers. Federal agencies have credible information to suggest that a...more
10/30/2020
/ Cyber Attacks ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
FBI ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Malware ,
Risk Management ,
Vulnerability Assessments
On May 22, 2020, the Federal Trade Commission (the “FTC”) published its decennial request for public comment (the “RFC”) on the FTC’s Health Breach Notification Rule (the “HBN Rule”)....more
6/25/2020
/ Breach Notification Rule ,
Comment Period ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
HITECH Act ,
Medical Records ,
Personally Identifiable Information ,
PHI
Following the outbreak of COVID-19 in late 2019, the U.S Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) has offered guidance to covered entities and business associates regulated by the...more
With the New Year comes new medical staff leaders and a new set of growing pains. Contrary to what many of us believe, some simple steps can lessen the pain.
...more
1/17/2020
/ Anti-Competitive ,
Antitrust Violations ,
Breach of Contract ,
Covenant of Good Faith and Fair Dealing ,
Defamation ,
Due Process ,
Electronic Communications ,
Employee Evaluations ,
Equal Protection ,
Genuine Issue of Material Fact ,
Health Care Providers ,
Healthcare Facilities ,
Healthcare Workers ,
Hospitals ,
Leadership ,
Negligence ,
Patient Safety ,
Peer Review ,
Physicians ,
Retaliation ,
Summary Judgment ,
Text Messages ,
Third-Party Beneficiaries ,
Tortious Interference ,
Work-Product Doctrine
Every year, the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services, Office for Civil Rights (OCR) jointly sponsor a conference to “address the dynamic and challenging...more
10/25/2019
/ Civil Monetary Penalty ,
Cybersecurity ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement Actions ,
Final Determinations ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
NPRM ,
OCR ,
Personally Identifiable Information ,
PHI
On May 24, 2019, the Department of Health and Human Services (“HHS”) announced its proposed changes to the regulations issued under Section 1557 of the Affordable Act Care (“ACA”). Section 1557 is the primary...more
7/19/2019
/ Affordable Care Act ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Healthcare Reform ,
Non-Discrimination Rules ,
OCR ,
Proposed Regulation ,
Public Comment ,
Regulatory Oversight ,
Repeal ,
Rulemaking Process ,
Section 1557 ,
Sex Discrimination
The HHS Office for Civil Rights (“OCR”) issued a notice in the Federal Register regarding its Enforcement Discretion (84 Fed. Reg. 18151) on April 30, 2019. HHS announced that HHS will now apply a different cumulative annual...more
5/15/2019
/ Civil Monetary Penalty ,
Data Breach ,
Electronic Medical Records ,
Enforcement Authority ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HITECH Act ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI
In December 2018, twelve state Attorneys General ("AGs") jointly filed suit against Medical Informatics Engineering, Inc. (“MIE”) claiming it violated the Health Insurance Portability and Accountability Act and its related...more
2/8/2019
/ Data Breach ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
Regulatory Violations ,
Risk Management ,
Security Rule
On May 29, 2018, Colorado Governor John Hickenlooper signed changes to Colorado law that significantly increase potential data breach burdens and financial penalties on entities operating in Colorado.1 Beginning September 1,...more
8/1/2018
/ Confidential Information ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
New Legislation ,
PHI ,
Popular ,
State and Local Government