Report on Research Compliance 21, no. 9 (September, 2024) -
How many types of falsehoods might sully applications for research funds and the studies they support? Unfortunately, the most recent semiannual report to...more
9/5/2024
/ Academic Misconduct ,
Compliance ,
False Claims Act (FCA) ,
False Reporting ,
Fraud ,
Government Agencies ,
Health Care Providers ,
Healthcare ,
HHS Office of Research Integrity (ORI) ,
Medical Records ,
National Science Foundation ,
OIG ,
Research and Development ,
Settlement
Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more
8/21/2024
/ Corrective Action Plans (CAPs) ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Healthcare ,
HIPAA Security Rule ,
Malware ,
OCR ,
Patients ,
Privacy Laws ,
Settlement
Attorney Peter Zeidenberg was surprised to learn that NIH had successfully clawed back $3.6 million—plus a nearly 100% penalty—from Cleveland Clinic. The Department of Justice (DOJ) claimed the award funds were ill-gotten...more
6/10/2024
/ Clawbacks ,
Compliance ,
Corrective Action Plans (CAPs) ,
Department of Justice (DOJ) ,
Disclosure ,
False Claims Act (FCA) ,
Healthcare ,
National Institute of Health (NIH) ,
Regulatory Requirements ,
Settlement ,
Universities
Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more
3/12/2024
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Employees ,
Enforcement Actions ,
Health Care Providers ,
Healthcare ,
HIPAA Security Rule ,
HIPAA Violations ,
Hospitals ,
Internal Investigations ,
Popular ,
Risk Assessment ,
Settlement
The Association of American Universities (AAU) and the Council on Governmental Relations (COGR) are among a handful of groups “urging the Biden administration to rescind a policy proposal that would threaten the American...more
2/26/2024
/ Auditors ,
Audits ,
Bayh-Dole Act ,
Biden Administration ,
Compliance ,
Corrective Action Plans (CAPs) ,
Department of Health and Human Services (HHS) ,
Environmental Protection Agency (EPA) ,
Innovation Patent ,
Inventions ,
Inventors ,
Medical Records ,
National Security Agency (NSA) ,
NIST ,
OCR ,
OIG ,
Patents ,
Personal Data ,
Rescission ,
Research and Development ,
Settlement ,
Technology Sector ,
Universities
Moffitt Cancer Center’s recent $19.5 million settlement with the U.S. Department of Justice (DOJ) and the state of Florida resolving allegations that billing errors violated the False Claims Act (FCA) triggered a “fully...more
If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more
1/17/2024
/ Amended Rules ,
Corrective Action Plans (CAPs) ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Employee Training ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
HIPAA Security Rule ,
HIPAA Violations ,
OCR ,
PHI ,
Policies and Procedures ,
Proposed Regulation ,
Regulatory Reform ,
Right-To-Access ,
Security Risk Assessments ,
Settlement
Report on Patient Privacy 23, no. 12 (December, 2023)
Spring 2020 was a terrifying period in the annals of COVID-19, and New York was at the epicenter. COVID-19 cases, and deaths, already the highest in the nation, were...more
12/8/2023
/ Coronavirus/COVID-19 ,
Corrective Action Plans (CAPs) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
HIPAA Privacy Rule ,
HIPAA Violations ,
Hospitals ,
Media ,
OCR ,
Patients ,
Personal Information ,
Photographs ,
Prior Authorization ,
Privacy Laws ,
Public Health Emergency ,
Settlement ,
Video
Report on Research Compliance 20, no. 11 (November, 2023)
It wasn't just China.
China is among the countries whose support for Stanford University investigators wasn’t reported to five federal research funding agencies,...more
10/26/2023
/ China ,
Compliance ,
Department of Justice (DOJ) ,
Disclosure ,
Educational Institutions ,
Failure To Disclose ,
False Claims Act (FCA) ,
Foreign Entities ,
Government Investigations ,
Investigations ,
Medical Research ,
National Science Foundation ,
OIG ,
Penalties ,
Popular ,
Research Funding ,
Settlement ,
Universities
Start with a records request. Add a seven months’ wait. Stir in the chaos of the pandemic, with most employees working from home. Blend in a perhaps-neglected post office box. Bake for two-and-a-half years....more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR -
As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
6/9/2023
/ Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
File Transfer Protocols (FTP) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Violations ,
OCR ,
PHI ,
Risk Assessment ,
Settlement ,
State Data Breach Notification Statutes ,
Subcontractors
Report on Research Compliance Volume 20, Number 3. February 23, 2023 -
To those who say whistleblowers are only interested in the money a settlement can bring, meet Devin English. An assistant professor in the Department of...more
2/27/2023
/ Bonuses ,
Disclosure Requirements ,
False Claims Act (FCA) ,
Fraud ,
Fraud and Abuse ,
Grants ,
Individual Accountability ,
Luxury Goods ,
National Institute of Health (NIH) ,
Settlement ,
Transparency ,
Whistleblower Awards ,
Whistleblowers
Report on Patient Privacy 20, no. 12 (December 10, 2020) -
In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more
12/18/2020
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
Health Insurance ,
HIPAA Breach ,
Medical Records ,
PHI ,
Settlement ,
State Attorneys General
Report on Patient Privacy 20, no. 10 (October 2020) -
September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more
10/16/2020
/ Business Associates ,
Compliance ,
Corrective Action Plans (CAPs) ,
Covered Entities ,
Data Breach ,
De-Identified Protected Health Information ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Settlement
Report on Patient Privacy 20, no. 8 (August 2020) -
Last month, leaders from Agape Health Services in rural Washington, North Carolina, were happy to share photos of the shell of a building in neighboring Plymouth, that,...more
8/10/2020
/ Chief Compliance Officers ,
Civil Monetary Penalty ,
Compliance ,
Corrective Action Plans (CAPs) ,
Data Breach ,
FQHC ,
Health Care Providers ,
HIPAA Security Rule ,
Laches ,
Noncompliance ,
OCR ,
Patient Privacy Rights ,
Rural Health Care Providers ,
Settlement
Report on Research Compliance 17, no. 6 (June 2020) -
A former assistant veterinary medicine professor at the University of Maryland will retract or correct seven papers published from 2013 to 2016 that contained reused or...more
5/26/2020
/ Audits ,
Compliance ,
Coronavirus/COVID-19 ,
Department of Justice (DOJ) ,
False Claims Act (FCA) ,
False Reporting ,
Federal Grants ,
Fraud ,
Guilty Pleas ,
HHS Office of Research Integrity (ORI) ,
IP License ,
Medical Research ,
National Institute of Health (NIH) ,
National Science Foundation ,
Office for Human Research Protections (OHRP) ,
Patents ,
Professors ,
Repayment Options ,
Settlement ,
Tax Fraud ,
U.S. Attorney ,
Universities ,
Veterinarians
Report on Patient Privacy 20, no. 3 (March 2020) -
A gastroenterologist in Utah who felt he was being held captive by an electronic health record (EHR) vendor found his 2013 complaint to the HHS Office for Civil Rights...more
Report on Research Compliance 17, no. 2 (January 23, 2020) -
Acting with “deliberate ignorance” and “reckless disregard” are not words that any institution wants to hear associated with its name. But these are at the heart...more
1/28/2020
/ China ,
Civil Monetary Penalty ,
Compliance ,
Department of Justice (DOJ) ,
Failure To Disclose ,
False Claims Act (FCA) ,
Federal Funding ,
Federal Grants ,
Foreign Investment ,
Foreign Workers ,
Government Investigations ,
Medical Research ,
National Institute of Health (NIH) ,
OIG ,
Omissions ,
Research Funding ,
Restitution ,
Settlement
Report on Patient Privacy 20, no. 1 (January 2020) -
In the waning days of 2019, the HHS Office for Civil Rights (OCR) didn’t halt the HIPAA enforcement momentum it had built up during the last quarter of the year, dinging...more
1/13/2020
/ Ambulance Providers ,
Business Associates ,
Compliance ,
Corrective Action Plans (CAPs) ,
Corrective Actions ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Encryption ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Security Rule ,
OCR ,
PHI ,
Security Risk Assessments ,
Settlement
Report on Research Compliance 17, no. 1 (January 2020) -
Ah, those pesky residents. If you’re a teaching hospital, you can’t live without them, right? But sometimes living with them is mighty costly, as the University of...more
12/19/2019
/ Administrative Appeals ,
Civil Monetary Penalty ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Encryption ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Violations ,
Laptop Computers ,
Medical Research ,
Medical Residents ,
OCR ,
PHI ,
Settlement ,
Teaching Hospitals
Report on Patient Privacy 19, no. 12 (December 2019) -
Sentara Hospitals, a nonprofit group of 12 medical centers in Virginia and North Carolina, will implement a fairly minimal two-year corrective action plan (CAP) and...more
12/5/2019
/ Billing ,
Billing Errors ,
Business Associates ,
Business Associates Agreement (BAA) ,
Civil Monetary Penalty ,
Compliance ,
Corrective Actions ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Violations ,
HIPAA Breach ,
Hospitals ,
Inadvertent Disclosure ,
Medical Records ,
OCR ,
Patient Privacy Rights ,
PHI ,
Reporting Requirements ,
Settlement
Report on Medicare Compliance 28, no. 36 (Oct. 14, 2019).
- NIH should “update its guidance on vetting peer reviewer nominees to identify potential foreign threats to research integrity” and “develop a risk-based approach...more
10/25/2019
/ Attorney General ,
Audits ,
Compliance ,
Conflicts of Interest ,
Employee Training ,
Federal Grants ,
Fraud ,
Medicare ,
National Institute of Health (NIH) ,
National Science Foundation ,
OIG ,
Peer Review ,
Settlement ,
Settlement Agreements ,
Sexual Harassment ,
Universities