News & Analysis as of

Health Privacy

Read need-to-know updates, commentary, and analysis on Health issues written by leading professionals.

Producing Patient Records: The “Designated Record Set,” the “Legal Health Record,” and Records Created by Other Providers

by Holland & Hart LLP on

Healthcare providers often misunderstand their obligation to provide patient records in response to a request from a patient or third party....more

Supreme Court Denies Cert Petition in CareFirst v. Attias

by Ballard Spahr LLP on

Earlier this week, the Supreme Court of the United States denied certiorari in CareFirst v. Attias, a closely watched case that some thought provided the Court with an opportunity to clarify the standing analysis under Spokeo...more

Top 7 Legal Challenges Facing Physicians And Hospitals

by Jackson Lewis P.C. on

The American Health Lawyers Association’s 2018 Physicians and Hospitals Law Institute in New Orleans focused on the legal challenges faced by physicians and hospitals. Here are the Jackson Lewis Healthcare Industry Team’s...more

Supreme Court Declines Review of Standing in Data Breach Class Actions

by Carlton Fields on

Counsel hoping for Supreme Court guidance on standing issues dividing the circuit courts will have to wait a bit longer. On February 20, the Court denied a petition for writ of certiorari in Attias v. CareFirst to resolve a...more

Relaxation of SAMHSA laws intended to align with advances in health care delivery

by Thompson Coburn LLP on

The final rule governing changes to the Substance Abuse and Mental Health Services Administration (SAMHSA) regulations became effective February 2, 2018. What is SAMHSA? The federal SAMHSA regulations (42 CFR Part 2)...more

Indemnification For Data Breaches: Understanding And Allocating Risk

by Ellis & Winters LLP on

Many contracts between companies and their service providers have broad indemnification provisions. How do those provisions apply in the context of a privacy breach? Today’s post looks at that question—in particular, a...more

Reminder: Notice of 2017 small HIPAA breaches due to HHS soon

by Bricker & Eckler LLP on

The deadline to submit notice to the Department of Health and Human Services (HHS) of small HIPAA breaches (those that affected fewer than 500 individuals) discovered in calendar year 2017 is March 1, 2018....more

Recent OCR Newsletter Highlights Growing Cyber Extortion Threat for Healthcare Organizations

by BakerHostetler on

The OCR’s January 2018 newsletter details specific types of cyber extortion that healthcare organizations are currently encountering, including ransomware, denial of service attacks, distributed denial of service attacks and...more

South Carolina Insurance Department Amends Privacy Regulations

by Weiner Brodsky Kider PC on

The South Carolina Department of Insurance recently amended its Privacy of Consumer Financial and Health Information provisions (Regulation 69-58) to eliminate the annual privacy notice requirements for financial institutions...more

HHS to Collect Data From the EMS System: Good Time to Examine Accounting, Cost, Billing, and Collection Systems

by Foley & Lardner LLP on

While recent legislation impacting the Emergency Medical Services (EMS)/ambulance industry drew attention inside the industry for its reduction in Health and Human Services’ (HHS) spend on non-emergent dialysis transports and...more

Ciox Health, LLC Initiates Lawsuit against the Department of Health and Human Services Over Medical Records Request Fees under...

On January 8, 2018, Ciox Health, LLC (Ciox) filed a complaint against the Department of Health and Human Services (HHS) and then-acting Secretary Eric D. Hargan, alleging that the Department’s rules and guidance, under HIPAA...more

Out-of-Business File Storage Company Paid $100K for Alleged HIPAA Violations

by Murtha Cullina on

Yesterday, DHHS’s Office for Civil Rights (OCR) announced a $100,000 settlement with a dissolved medical records moving and storage company in Illinois. This is another example of OCR bringing enforcement actions against a...more

Practical GDPR Steps for US-Headquartered Life Sciences Companies

In case you had not heard, the European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018. The essential principles of the EU’s...more

HIPAA Small Breach Notifications Due March 1

by Davis Wright Tremaine LLP on

March 1, 2018 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more

Massachusetts Launches New Online Breach Reporting Form

by Murtha Cullina on

On Monday, February 5, 2018, the Massachusetts Attorney General’s Office (AGO) sent an e-mail blast regarding their new online form for businesses needing to report breaches under Chapter 93H of the Massachusetts General...more

Corporate Law & Governance Update - February 2018

by McDermott Will & Emery on

New Board Removal Action - The removal of four Wells Fargo directors, in connection with other sanctions imposed on the bank by the Federal Reserve, has far reaching implications for the corporate governance of large,...more

Government data mining leads to more aggressive investigations

by Hogan Lovells on

The government is leveraging its access to big data in order to aggressively pursue healthcare investigations. Maria Durant and Gejaa Gobena, partners in our Boston and Washington, D.C. offices, discuss the steps life...more

Data Privacy + Cybersecurity Insider - February 2018 #2

by Robinson & Cole LLP on

Cisco is warning customers using its Adaptive Security Appliance (ASA) software about a virtual private network (VPN) bug that could "allow an unauthenticated, remote attacker to cause a reload of the affected system or to...more

Major Portion Of January Data Breaches Target Health Care

by Fox Rothschild LLP on

According to the monthly report from the Identity Theft Resource Center, the health care industry suffered more data breaches in January than government, educational and financial sectors combined. Medical and health...more

A Super-Bowl Sized HIPAA Settlement Results in $3.5 Million Payment

On February 1, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Fresenius Medical Care North America (FMCNA) agreed to pay $3.5 million and enter into a Corrective...more

Beware: HIPAA Applies To The Health Plans You Never Knew You Had (Part 2: Wellness Programs)

by Fox Rothschild LLP on

Many employers who offer wellness programs to their employees may not have considered compliance with HIPAA privacy, security and breach notification rules (collectively, “HIPAA Rules”), since they don’t think of their...more

$3.5 M OCR Settlement for Five Breaches Affecting Fewer Than 500 Patients Each

by Murtha Cullina on

Yesterday, OCR announced its $3.5 million settlement with Fresenius Medical Care Holdings (“Fresenius”) to resolve alleged HIPAA violations. While the large settlement figure alone is eye-catching, the underlying facts...more

U.S. Supreme Court Watch: Whether to Resolve Circuit Split on Standing for Data Breach Plaintiffs

At its first conference this month, the U.S. Supreme Court will consider whether to weigh in on a Circuit split over standing to sue in the aftermath of a data breach. ...more

Class Action Suit Filed Against Allscripts for Ransomware Attack

Allscripts Healthcare Solutions Inc. notified its electronic medical record customers last week that a ransomware attack was behind the disruption of service for medical providers....more

Artificial Intelligence and Health Care—Key Regulatory Considerations for U.S. Operations

by Jones Day on

The Situation: Artificial intelligence is being used in innovative ways in the health care industry to drive down costs and improve clinical outcomes. The Issue: The health care industry, including the provision of health...more

2,920 Results
|
View per page
Page: of 117
Cybersecurity

Follow Health Updates on:

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.