News & Analysis as of

Business Associates New Guidance

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
BakerHostetler

OCR’s October Initiatives: Strengthening Telehealth Security and HIPAA Compliance

BakerHostetler on

October has been a busy month for the OCR, which is tasked with enforcing the regulations issued under HIPAA. In the past week, the OCR released two new guidance documents aimed at reducing the privacy and security risks...more

BakerHostetler

OCR Guidance on Use of Tracking Technologies Warrants Review of Website Tech

BakerHostetler on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued guidance regarding covered entities’ and business associates’ use of tracking technologies (the Guidance). As discussed in greater detail...more

Bricker Graydon LLP

Are you regulated under HIPAA? Ensure your website or app’s user tracking is HIPAA compliant

Bricker Graydon LLP on

On December 1, 2022, the Centers for Medicare and Medicaid Services’ Office of Civil Rights (OCR) issued new guidance to covered entities and business associates regarding website and application user data tracking and how...more

Hogan Lovells

Not so fast: HHS OCR warns that HIPAA applies to online tracking technologies

Hogan Lovells on

Covered Entities and Business Associates must comply with HIPAA in their use of online tracking technologies, including cookies, pixels or similar code. The U.S. Department of Health and Human Services (HHS), Office for Civil...more

BakerHostetler

Dobbs Triggers Significant Healthcare and Privacy Law Concerns and Confusion

BakerHostetler on

To help guide entities through the significant confusion and changes that will be evolving for the next several years, BakerHostetler has assembled the Dobbs Decision Task Force (DDTF), led by attorneys in five major areas...more

BakerHostetler

Office for Civil Rights Provides HIPAA Privacy Rule on Disclosures of Information Relating to Reproductive Healthcare

BakerHostetler on

On June 29, in response to the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, the U.S. Department of Health & Human Services Office for Civil Rights (HHS OCR) issued guidance on when entities...more

Lathrop GPM

OCR Issues Guidance to Assist Health Care Providers in the Age of the Coronavirus

Lathrop GPM on

As a result of the novel Coronavirus pandemic, the Office for Civil Rights (OCR) recently issued several pieces of guidance to help HIPAA covered entities and their business associates to best address how patient information...more

Robinson+Cole Data Privacy + Security Insider

HHS Issues Timely Reminder of Applicability of HIPAA to Outbreak Situations

Robinson+Cole Data Privacy + Security Insider on

On February 3, 2020, the U.S. Department of Health and Human Services (HHS) issued a bulletin (the Bulletin) to remind covered entities and business associates of how patient information may be shared under HIPAA in the event...more

Mintz - Health Care Viewpoints

HIPAA Updates: New Guidance for Business Associates and Continued Data Breaches

Mintz - Health Care Viewpoints on

The HHS Office for Civil Rights (OCR) released a new guidance document regarding which HIPAA violations business associates (BAs) can and cannot be held directly liable for. In the guidance, OCR states that BAs can be held...more

Mintz - Privacy & Cybersecurity Viewpoints

A New FBI Warning for Healthcare Providers

Mintz - Privacy & Cybersecurity Viewpoints on

The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

BCLP

Clouds, With A Nearly 100% Chance of a Business Associate Agreement

BCLP on

HHS recently posted guidance on its website addressing HIPAA’s approach to cloud computing. Basically, any time a cloud service provider has electronic protected health information (ePHI), it’s a business associate. This is...more

Mintz - Health Care Viewpoints

HHS Publishes Guidance on HIPAA and Cloud Computing

Mintz - Health Care Viewpoints on

On October 7, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance. As discussed below,...more

Robinson+Cole Data Privacy + Security Insider

OCR Releases HIPAA Guidance on Cloud Computing

Robinson+Cole Data Privacy + Security Insider on

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (OCR) released HIPAA guidance on cloud computing (Guidance). The Guidance is intended to help covered entities and business associates...more

Parker Poe Adams & Bernstein LLP

OCR Issues Guidance on Ransomware Attacks and Determining Whether a Reportable HIPAA Breach Exists

Parker Poe Adams & Bernstein LLP on

The Office of Civil Rights (“OCR”) has issued new guidance in connection with an increase of malicious cyberattacks, namely ransomware attacks on healthcare organization’s computer systems. Ransomware is a defined by HHS as a...more

McDermott Will & Emery

Guidance on Ransomware Attacks under HIPAA and State Data Breach Notification Laws

McDermott Will & Emery on

The US Department of Health and Human Services (HHS) has recently issued guidance under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and...more

Dickinson Wright

New HIPAA Guidance on Ransomware Prevention and Recovery

Dickinson Wright on

A U.S. government interagency report indicates that there has been a 300 percent increase in the daily ransomware attacks in 2016 as compared to 2015. Ransomware is malicious software that, when introduced into a system,...more

Obermayer Rebmann Maxwell & Hippel LLP

SOS Answered: New Guidance on HIPAA for App Developers

Obermayer Rebmann Maxwell & Hippel LLP on

Amidst criticism that the Health Insurance Portability and Accountability Act (“HIPAA”) lags behind technological innovation, the Office for Civil Rights (“OCR”) released new guidance to aid app developers in determining how...more

Robinson+Cole Data Privacy + Security Insider

HHS releases HIPAA guidance on care coordination and case management

Robinson+Cole Data Privacy + Security Insider on

In its third release of HIPAA guidance over the past few weeks, the Department of Health and Human Services (HHS) released“The Real HIPAA: Care Coordination, Care Planning, and Case Management Examples” to assist covered...more

19 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide