News & Analysis as of

Business Associates Data Security Data Protection

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
McGuireWoods LLP

Ounce of Prevention: Are You Keeping Track of Your Business Associate Agreements’ Requirements?

McGuireWoods LLP on

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Fisher Phillips

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

McGuireWoods LLP

Ounce of Prevention: Do You Have Business Associate Agreements With Every Required Party?

McGuireWoods LLP on

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Katten Muchin Rosenman LLP

OCR Updates Guidance on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates

Katten Muchin Rosenman LLP on

On March 18, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technologies by covered entities and business associates (regulated...more

Brooks Pierce

Business Associate Victim of Ransomware Attack Pays $100,000 to HHS OCR

Brooks Pierce on

Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more

McGuireWoods LLP

HIPAA Privacy Rule Changes Coming in 2023: Five Steps to Prepare

McGuireWoods LLP on

In 2023, the Department of Health and Human Services (HHS) is expected to finalize proposed modifications to its regulations under the Health Insurance Portability and Accountability Act of 1996, as modified by the Health...more

Davis Wright Tremaine LLP

New Washington Law Has Broad Implications For Protecting Consumer Health Data - Landmark ‘My Health My Data’ Act Reaches Beyond...

Davis Wright Tremaine LLP on

On April 27, 2023, Washington Governor Jay Inslee signed into law the My Health My Data Act (the "Act"), which will regulate the collection, use, and disclosure of "consumer health data" ("Consumer Health Data" or "CHD"). The...more

Jones Day

Vital Signs Digital Health Law Update | Winter 2023

Jones Day on

Note From the Editors - We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, our lawyers take an in-depth look at...more

BakerHostetler

OCR releases YouTube Addressing “Recognized Security Practices” in HIPAA Enforcement Context

BakerHostetler on

As a Halloween treat for HIPAA-covered entities and business associates, on October 31, the Department of Health and Human Services Office for Civil Rights (OCR) released a new video on its YouTube channel, in which senior...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Health Care Compliance Association (HCCA)

2022 Outlook: More Dangerous Ransomware Coupled With Inadequate Security Practices

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more

Health Care Compliance Association (HCCA)

Compliance Refresher: Get Cozy With IT Folks, Review Insurance, Fine-Tune Policies, Training

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 11 (November, 2021) - Attorney Brad Hammer doesn’t always don a suit and tie, or what he calls his “lawyer’s uniform.” A privacy and security expert and founder of the Vakaris Group based...more

Health Care Compliance Association (HCCA)

FBI: More Awareness, Due Diligence Needed To Fight China in New ‘Space Race’ for Data

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more

Goodwin

Five Emerging Concerns for the Health Care Industry as AI & Telehealth Converge

Goodwin on

The use of telehealth continues to grow rapidly across the U.S. Given legislative proposals and the Centers for Medicare & Medicaid Services efforts to expand access to telehealth, we can only anticipate that remotely...more

Winthrop & Weinstine, P.A.

Business Associate Agreements: Do You Have Them, And Are They Compliant?—Roots Of Wisdom

Winthrop & Weinstine, P.A. on

Navigating the day-to-day duties related to your practice includes many different responsibilities. From providing patient care, to making sure your office has the appropriate equipment, to managing your team, you have a lot...more

Health Care Compliance Association (HCCA)

Nick Culbertson on Compliance Breaches in Healthcare

Health Care Compliance Association (HCCA) on

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

Akin Gump Strauss Hauer & Feld LLP

Pending Proposed Rule Would Make Far-Reaching Changes to HIPAA Privacy Regime

Akin Gump Strauss Hauer & Feld LLP on

On January 21, 2020, the far-reaching HIPAA Privacy Proposed Rule, initially released on December 10, 2020, was published in the Federal Register. Despite speculation that the publication timeline would be altered when the...more

Health Care Compliance Association (HCCA)

Security Threats Soar From Nation-State Bad Actors as the New Year Gets Underway

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Health Care Compliance Association (HCCA)

As Covered Entities Inch Toward Normalcy, Thorny Worker, Patient Privacy Issues Arise

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 20, no. 6 (June 2020): Being a health care provider in the midst of a pandemic is complicated enough, between offering telehealth services, perhaps for the first time, and helping workers continue...more

Saul Ewing LLP

Solo Practitioner Agrees to $100,000 Settlement for HIPAA Security Rule Violations

Saul Ewing LLP on

On March 3, 2020, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announced a $100,000 settlement and corrective action plan with Steven A. Porter, M.D. to resolve potential...more

McDermott Will & Emery

[Webinar] Resolving Inconsistencies in Requirements for De-identification and Anonymization of Health Data under CCPA, HIPAA, and...

McDermott Will & Emery on

For companies seeking to use, license, or otherwise commercialize health data, there are potential inconsistencies among the HIPAA de-identification standard, the CCPA definition of de-identified data, and GDPR requirements...more

Fox Rothschild LLP

Too Much (Protected Health) Information Exposed + Too Little Response = $3M And Corrective Action Plan For Medical Imaging Company

Fox Rothschild LLP on

“TMI” usually means “too much information”, but it was used aptly by the Office for Civil Rights (OCR) as an acronym for a covered entity that exposed protected health information (PHI) of more than 300,000 patients through...more

Dickinson Wright

Understanding the HIPAA Security Rule and Tailoring Policies to Fit Your Business

Dickinson Wright on

Purpose and Practicality - The HIPAA Security Rule was designed to protect the confidentiality, integrity, and availability of a patient’s protected health information (PHI) while allowing flexibility for each covered...more

43 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide