Share on Twitter Print Share by Email Share Back to top HIPAA regulated entities may now begin implementing the amendments to the HIPAA Privacy Rule to provide additional protections for reproductive health care information...more
Pixels, cookies, and trackers continue to be front of mind for HIPAA regulated entities seeking clarity on their ability to advertise, market, and engage with existing and prospective patients. On March 18, 2024, the U.S....more
3/21/2024
/ Cybersecurity ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Innovative Technology ,
Privacy Laws ,
Tracking Systems ,
Web Tracking ,
Websites
Editor’s Note: PYA and Foley & Lardner hosted the 6th Annual “Let’s Talk Compliance” two-day Virtual Conference on January 18 and 19, 2024. Panelists included Foley & Lardner attorneys and PYA experts. The event was hosted by...more
Substance Use Disorder (SUD) programs and HIPAA-regulated entities seeking to streamline their privacy and security practices and workflows received welcome news from the U.S. Department of Health & Human Services (HHS) last...more
2/13/2024
/ Applicability Date ,
Breach Notification Rule ,
CARES Act ,
Consent ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Notice of Proposed Rulemaking (NOPR) ,
Patient Rights ,
Penalties ,
PHI ,
Substance Abuse
Recognizing the evolving landscape of care delivery and growth of telehealth, the U.S. Department of Health and Human Services (HHS) published a resource guide aimed at assisting telehealth providers in explaining the privacy...more
Medicare telehealth post-Public Health Emergency (PHE): With the COVID-19 PHE concluding on May 11, 2023, many of the telehealth flexibilities the Centers for Medicare & Medicaid Services (CMS) implemented during the PHE will...more
3/30/2023
/ Centers for Medicare & Medicaid Services (CMS) ,
Controlled Substances ,
DEA ,
Department of Health and Human Services (HHS) ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare Administrative Contractors (MAC) ,
Opioid ,
PHI ,
Public Health Emergency ,
Substance Abuse ,
Telemedicine
Session #1: State of the Healthcare Industry Effective Compliance Plans and Enforcement Trends -
In their discussion of compliance program effectiveness and enforcement, attorneys Kolarik and Waltz and Ms. Sumner...more
2/23/2023
/ Centers for Medicare & Medicaid Services (CMS) ,
Compliance ,
Consolidated Appropriations Act (CAA) ,
Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Dispute Resolution ,
Enforcement ,
Health Care Providers ,
Healthcare ,
Medicaid ,
Medicare ,
Mental Health ,
No Surprises Act (NSA) ,
Physician Fee Schedule ,
Public Health Emergency ,
Risk Assessment
Proposed changes to the federal substance use disorder law will increase provider efficiency and alignment with the Health Insurance Portability and Accountability Act (HIPAA). In a move that seeks to decrease administrative...more
Preparation for operations after the end of the Public Health Emergency (PHE) have commenced. HHS released guidance on using remote communication technologies for audio-only telehealth services in compliance with HIPAA. In...more
Preparation for operations after the end of the Public Health Emergency (PHE) have commenced. HHS released guidance on using remote communication technologies for audio-only telehealth services in compliance with HIPAA. In...more
On April 4, 2022, the U.S. Department of Health and Human Services (HHS) released a Request for Information (RFI) seeking input from HIPAA-covered entities and business associates on how the industry understands and is...more
The federal Department of Health and Human Services (HHS) issued guidance on the applicability of HIPAA to COVID-19 vaccination information, directly addressing a number of misconceptions about when HIPAA does, or does not,...more
On January 14, 2021, the U.S. Court of Appeals for the Fifth Circuit vacated the civil monetary penalty (CMP) imposed by the Department of Health and Human Services (HHS) against the University of Texas M.D. Anderson Cancer...more
On January 19, 2021, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Enforcement Discretion (Notice) announcing that it will not impose penalties for...more
1/26/2021
/ Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Encryption ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Privacy Settings ,
Public Health Emergency ,
Vaccinations
The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more
1/15/2021
/ Audits ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
HIPAA Privacy Rule ,
Notice of Privacy Practices ,
Notice of Proposed Rulemaking (NOPR) ,
OCR ,
Right of Access ,
Risk Management ,
Security Risk Assessments
On December 10, 2020, the Department of Health and Human Services, Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) to revise the HIPAA Privacy Rule. The proposed revisions to the Privacy Rule seek...more
The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more
4/6/2020
/ Business Associates Agreement (BAA) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management
On June 26, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued two new FAQs that clarify:
The parameters around covered entities sharing protected health information (PHI) for a...more
On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more
5/31/2019
/ Business Associates ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Liability ,
OCR ,
Personally Identifiable Information ,
PHI
The U.S. Department of Health and Human Services (HHS) recently proposed two new rules designed to increase patient and provider access to health records. As stated by HHS in its press release, the proposed rules “will...more
2/21/2019
/ Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Exchanges ,
Health Insurance Portability and Accountability Act (HIPAA) ,
MIPS ,
ONC ,
Patient Privacy Rights ,
Proposed Rules ,
Public Comment
The U.S. Department of Health and Human Services (DHHS) recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). DHHS states that the purpose of the HICP is to:
1. Raise...more