Last week, HHS Office of Civil Rights (OCR) announced a settlement with a Pennsylvania provider (the Provider) concerning an alleged violation of the HIPAA Privacy Rule. Specifically, the Provider impermissibly disclosed a...more
2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more
Report on Patient Privacy 23, no. 12 (December, 2023) Spring 2020 was a terrifying period in the annals of COVID-19, and New York was at the epicenter. COVID-19 cases, and deaths, already the highest in the nation, were...more
On November 20, 2023, HHS Office for Civil Rights (OCR) announced a settlement with Saint Joseph’s Medical Center for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule...more
As illustrated by a recent Office for Civil Rights (OCR) settlement with a dental practice, health care entities continue to struggle with how to respond to negative online reviews while maintaining compliance with the HIPAA...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been busy over the past month announcing new enforcement actions and settlement agreements related to violations of the Privacy...more
After a long stretch of breach enforcement actions and settlements arising out of alleged technology gaps, the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced that it settled a case...more
Report on Patient Privacy 22, no. 8 (August, 2022) - Oklahoma State University Center for Health Sciences’ (OSUCHS) breach might not have seemed all that serious at the time: No data is believed to have been misused,...more
Report on Patient Privacy 22, no. 4 (April, 2022) - By many measures, David Northcutt’s unsuccessful 2018 bid for the Alabama senate was a costly one. Northcutt, a dentist, loaned his campaign $73,000 throughout the...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has pursued its HIPAA Right of Access Initiative since 2019. OCR’s 19th settlement under the initiative, with The Diabetes, Endocrinology &...more
Health care providers and contractors continue to be a popular target for hackers. Recently, CHSPSC LLC (CHSPSC), which provides various services to hospitals and clinics indirectly owned by Community Health Systems, Inc. of...more
The Office for Civil Rights (OCR) announced yesterday that it has settled five investigations in its HIPAA Rights to Access Initiative (Initiative), which it announced would be an enforcement priority for it starting in 2019....more