Enforcement Actions -
In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more
A recent Resolution Agreement between a solo practitioner physician practice and the U.S. Department of Health and Human Services Office for Civil Rights (OCR) reveals how complying with HIPAA by reporting a business...more
In two recent pronouncements, the United States Department of Health and Human Services (HHS) has taken a balanced approach to interpreting the Health Insurance Portability and Accountability Act (HIPAA) regulations that...more
After a relatively slow first six months, 2018 turned into an active year for HIPAA enforcement, with the Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR) announcing the largest-ever HIPAA...more
From an Atlanta plastic surgeon’s mid-surgery music videos, to illicit pictures of patients shared among nurses, misuse of photography and videos in the healthcare setting can carry substantial legal risks. ...more
On February 13, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its settlement with Filefax, Inc. to resolve alleged violations of the HIPAA Privacy Rule. Filefax was a...more
The Office for Civil Rights within the U.S. Department of Health and Human Services (OCR) recently announced that it has increased its review of breaches of protected health information affecting fewer than 500 individuals....more
HHS Office for Civil Rights (OCR) recently issued guidance addressing its approach to the 2016 Phase II HIPAA Desk Audits. In its announcement of the guidance, OCR emphasized the broader applicability of these resources...more
On July 11, 2016, e-mail notification was sent to 167 covered entities alerting them of their inclusion in the desk audit portion of OCR’s 2016 HIPAA audit program. Selected covered entities must respond no later than July...more
Through a series of releases in the first half of 2016, HHS Office for Civil Rights (“OCR”) issued guidance on the individual right of access to protected health information (“PHI”) provided under HIPAA. One topic with...more
On March 21, 2016, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the beginning of Phase 2 of its HIPAA audits of covered entities and their business associates. Per the OCR...more
HIPAA’s restrictions on the use or disclosure of protected health information (“PHI”) by a covered entity or business associate may be familiar to many in healthcare. Also familiar may be the exception that allows covered...more