Breach Notification Rule, OCR, Privacy Laws

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on 1/22/2025

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Disclosure of Full Record to Employer Results in $35K Fine, Broad CAP; Echoes of 2017 HIV Case

Health Care Compliance Association (HCCA) on 12/19/2024

It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more

OCR: Rule Halts Disclosures Under ‘Presumption of Lawfulness,’ Shares Model Attestation Form

Health Care Compliance Association (HCCA) on 7/16/2024

Attestations are at the heart of permissible disclosures under the HHS Office for Civil Rights’ (OCR) new reproductive health privacy rule—and OCR wants covered entities (CEs) and business associates (BA) to use them now. The...more

Key Takeaways from OCR’s CY22 HIPAA Reports to Congress

ArentFox Schiff on 5/9/2024

On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification...more

Privacy Briefs: June 2023

Health Care Compliance Association (HCCA) on 6/9/2023

Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more

[Event] Healthcare Privacy Compliance Academy - November 2nd - 5th, Nashville, TN

Health Care Compliance Association (HCCA) on 10/16/2020

Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more

HIPAA Checkup – How Good Are Your Policies and Procedures?

Snell & Wilmer on 3/15/2017

Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more

How to Avoid and Respond to a Cybersecurity Breach

Troutman Pepper on 9/17/2015

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

Time for a HIPAA Security Check-Up!

Davis Wright Tremaine LLP on 9/9/2015

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

Health Care Law Alert: Skagit County Fined $215,000 for HIPAA Violations

Stoel Rives LLP on 3/13/2014

Skagit County in northwest Washington state has been fined $215,000 for violations of the HIPAA privacy, security, and breach notification rules. The U.S. Department of Health and Human Services’ Office for Civil Rights...more

Breach Notification Rule › Office of Civil Rights › Privacy Laws

"My best business intelligence, in one easy email…"