Jennifer Hennessy

Jennifer Hennessy

Foley & Lardner LLP

Contact
View Bio
RSS

Latest Posts › OCR

Share:

HIPAA: Amendments to Protect Reproductive Health Care Information Can Now be Implemented with OCR’s Final Rule

Share on Twitter Print Share by Email Share Back to top HIPAA regulated entities may now begin implementing the amendments to the HIPAA Privacy Rule to provide additional protections for reproductive health care information...more

7/2/2024  /  Data Privacy , Department of Health and Human Services (HHS) , Final Rules , Health Insurance Portability and Accountability Act (HIPAA) , Investigations , OCR , PHI , Reproductive Healthcare Issues

NIST Releases Draft Cybersecurity Resource Guide on Implementing the HIPAA Security Rule

The National Institute of Standards and Technology (NIST) has released an initial draft of Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide (Resource...more

7/27/2022  /  Cybersecurity , Electronic Protected Health Information (ePHI) , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Security Rule , NIST , OCR , Popular , Portability , Risk Assessment

OCR Relaxes Enforcement on Providers Using Scheduling Apps for COVID-19 Vaccinations

On January 19, 2021, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Enforcement Discretion (Notice) announcing that it will not impose penalties for...more

1/26/2021  /  Coronavirus/COVID-19 , Department of Health and Human Services (HHS) , Encryption , Enforcement , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI , Privacy Settings , Public Health Emergency , Vaccinations

Key Findings & Takeaways from OCR HIPAA Audit Findings

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more

1/15/2021  /  Audits , Covered Entities , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach Notification Rule , HIPAA Privacy Rule , Notice of Privacy Practices , Notice of Proposed Rulemaking (NOPR) , OCR , Right of Access , Risk Management , Security Risk Assessments

Proposed Modifications to HIPAA Expands Individual Access Rights and Encourages Further Sharing of PHI for Care Coordination

On December 10, 2020, the Department of Health and Human Services, Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) to revise the HIPAA Privacy Rule. The proposed revisions to the Privacy Rule seek...more

12/14/2020  /  Department of Health and Human Services (HHS) , Disclosure Requirements , Health Insurance Portability and Accountability Act (HIPAA) , Notice of Privacy Practices , Notice of Proposed Rulemaking (NOPR) , OCR , PHI , Proposed Amendments , Right of Access

HIPAA Right of Access Initiative: 2020 Year in Review

In 2020, the Office for Civil Rights (OCR) kept the promise it made the prior year to “vigorously enforce” the rights of patients to access and exercise control over their medical records. OCR has settled ten “right of...more

12/11/2020  /  Billing , Corrective Action Plans (CAPs) , Fees , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Medical Records , OCR , PHI , Proposed Rules , Right of Access , Settlement

COVID-19: HHS Permits Business Associates to Use and Disclose PHI for Public Health and Health Oversight Purposes Without Amending...

The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more

4/6/2020  /  Business Associates Agreement (BAA) , Coronavirus/COVID-19 , Cybersecurity , Data Breach , Data Protection , Data Security , Department of Health and Human Services (HHS) , Electronic Medical Records , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Healthcare , OCR , Personally Identifiable Information , PHI , Risk Management

HIPAA: Second Settlement this Year Related to Right to Access Initiative

On December 12, 2019, the Office for Civil Rights (OCR) announced its second enforcement action this year related to an individual’s right to access his/her protected health information (PHI). Korunda Medical, LLC (Korunda)...more

12/18/2019  /  Corrective Actions , Electronic Medical Records , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI , Right of Access , Settlement

HIPAA: Failure to Report Breach Costs Hospital $2.175 Million

One health system recently learned the cost of relying too heavily on the HIPAA Breach Notification Rule’s “low probability of compromise” standard when it failed to notify all affected individuals and report the HIPAA breach...more

12/5/2019  /  Breach Notification Rule , Business Associates , Covered Entities , Data Breach , Electronic Medical Records , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI , Reporting Requirements , Security Risk Assessments , Settlement Agreements

HIPAA: OCR Releases New FAQs Clarifying Disclosures Amongst Covered Entities

On June 26, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued two new FAQs that clarify: The parameters around covered entities sharing protected health information (PHI) for a...more

6/28/2019  /  Covered Entities , Department of Health and Human Services (HHS) , Disclosure , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI

OCR Clarifies Direct Liability for Business Associates under HIPAA

On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more

5/31/2019  /  Business Associates , Data Protection , Department of Health and Human Services (HHS) , Electronic Medical Records , Enforcement , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Liability , OCR , Personally Identifiable Information , PHI

Lessons Learned from 2017 OCR HIPAA Enforcement Actions

So far 2017 is proving to be an active year for Health Insurance Portability and Accountability Act (HIPAA) enforcement. This comes on the heels of 2016, which saw an unprecedented level of enforcement actions, with 13 total...more

8/21/2017  /  Breach Notification Rule , Data Breach , Enforcement Actions , Health Insurance , Health Insurance Portability and Accountability Act (HIPAA) , OCR , Risk Management

The Office of the National Coordinator Releases Guidance on Recent International Ransomware Campaign

With the news of the newest international ransomware campaign that is currently affecting some organizations within the Health Care sector, it is important to not only educate staff on necessary precautions, but also be aware...more

7/1/2017  /  Cybersecurity , FBI , Health Care Providers , ISAOs , OCR , ONC , Ransomware , US-CERT
13 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide