News & Analysis as of

Covered Entities

A New HIPAA Accounting Rule on the Horizon?

by Holland & Knight LLP on

Under HIPAA, patients have a right to information about certain disclosures, referred to as an accounting. Under the current iteration of the regulations, covered entities and business associates need not account for...more

Beware: HIPAA Applies To The Health Plans You Never Knew You Had

by Fox Rothschild LLP on

You may be surprised to learn that those “extra” benefits your company offers to its employees such as your employee assistance program (EAP) and wellness program likely are subject to the HIPAA privacy, security and breach...more

OFAC Issues Cryptocurrency Compliance Guidance

As part of the ongoing efforts of the federal government, agencies and financial market regulators to respond to the growing cryptocurrency market, the Office of Foreign Asset Control (OFAC) of the Department of Treasury...more

On the Subject - The Continuing Disconnect between the Health Care Industry and OCR on HIPAA’s Risk Analysis Requirement

by McDermott Will & Emery on

Lack of a sufficient risk analysis continues to be one of the most commonly alleged violations in Office for Civil Rights (OCR) HIPAA enforcement actions, appearing in half of all OCR settlements announced in the last 12...more

K&L Gates Triage: 340B Update: State Medicaid 340B Billing Requirements

by K&L Gates LLP on

In the midst of the ongoing federal conversation surrounding the 340B Drug Pricing Program, individual states are implementing a number of regulatory efforts related to the 340B Program at an increasingly fast pace. These...more

Supreme Court’s Merit Management Ruling Highlights Potential Alternative Path to Safe Harbor

by Latham & Watkins LLP on

Possible application of Section 101(22)(A) to safe harbor’s covered entity requirement raises important questions for future transferee defendants. Key Points: ..Merit Management raises the possibility that customers of...more

That’s All Folks! Alabama Becomes 50th State With Breach Notification Law

by Thompson Coburn LLP on

On March 28, 2018, Alabama Gov. Kay Ivey signed a bill that made Alabama the 50th and final state to enact a consumer data breach notification law. Prior to the signing, Alabama had been the last remaining state without such...more

“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 For Data Breach Caused By Vendor

by Jackson Lewis P.C. on

Last week, New Jersey Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices...more

Is OCR Moving the Goal Posts on Vendor Management?

Recent statements at the 27th National HIPAA Summit suggest that the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) may be changing its position and expecting a greater level of vendor due...more

When Does a HIPAA Breach Exist?

by Ruder Ware on

Conducting HIPAA Breach Risk Assessments - The HIPAA rules relating to assessment of potential patient confidentiality breaches were changed in 2013. Specifically, on January 17, 2013, the Office of Civil Rights released...more

HIPAA in Due Diligence (Part III): Risk Mitigation Strategies

by McGuireWoods LLP on

Health Information Highlight - Welcome back to our three-part series examining ways to efficiently identify, address and mitigate gaps in HIPAA compliance in transaction diligence. In Part I, we discussed four key...more

Is HIPAA A Sleeping Giant?

by McGuireWoods LLP on

So far, 2018 has been a light year in terms of HIPAA enforcement. There have been only two publicly-disclosed settlements. But that doesn’t mean covered entities and business associates should let their guard down and...more

D.C. Circuit Shuts Down Rite Aid’s Challenge to Expand Healthcare Exemptions under the TCPA and HIPAA

by Dorsey & Whitney LLP on

On March 16, 2018, the U.S. Circuit Court of Appeals for the District of Columbia issued a groundbreaking decision in ACA Int’l v. FCC, No. 15-1211, 2018 U.S. App. LEXIS 6535 (D.C. Cir. Mar. 16, 2018) (“ACA Int’l“) that...more

State of Washington Adopts Statewide Drug Take-Back Legislation

by Beveridge & Diamond PC on

On March 22, 2018, the Governor of the State of Washington signed the Secure Drug Take-Back Act, which establishes the first statewide drug take-back program in the nation. The Act requires manufacturers of “covered drugs”...more

What All Employers Need to Know About Protecting Employee Health Information

Employers obtain employee health information in a number of ways—most commonly, in relation to a work-related injury or when an employee requests medical leave or a disability accommodation. Most employers understand that...more

New Guidance From SEC, New York’s DFS

Hoping to help covered entities, the Securities and Exchange Commission (SEC) released an update on cybersecurity while New York’s Department of Financial Services (DFS) published guidance for licensed virtual currency...more

Minimizing Liability For Business Associate Misconduct

by Holland & Hart LLP on

Healthcare providers, health plans and healthcare clearinghouses (“covered entities”) and business associates are subject to significant penalties for violations of the HIPAA Privacy, Security and Breach Notification Rules....more

New York DFS Issues New FAQs Regarding Cybersecurity Regulations

by Weiner Brodsky Kider PC on

The New York Department of Financial Services (DFS) has issued four additional Frequently Asked Questions (FAQs) concerning its cybersecurity regulations that went into effect last year....more

New York Department of Financial Services Updates Cybersecurity Guidance: Coverage of Cybersecurity Requirements Addressed in 4...

On March 1, 2018, the New York Department of Financial Services (NYDFS) “cybersecurity regulations” (23 NYCRR Part 500) took effect, placing a number of cybersecurity requirements on banks, insurance companies, and other...more

Privacy Please: HIPAA and Artificial Intelligence – Part I

What if Artificial Intelligence (AI) is deployed within a health system to apply machine learning to patient information, in part, to allow patients to download information and wellness numbers (such as steps, blood pressure,...more

Liability for HIPAA Violations Continues after a Business Ceases Operations

by Arnall Golden Gregory LLP on

On February 13, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its settlement with Filefax, Inc. to resolve alleged violations of the HIPAA Privacy Rule. Filefax was a...more

Liquidator of a Shuttered Business Associate Agrees to $100k Payment for Alleged HIPAA Violations

On February 13, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that a receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $100,000 to settle...more

HIPAA Enforcement Survives Closure of Business

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced a $100,000 settlement with a company that is no longer in business. Filefax, Inc. (Filefax) was an Illinois company that...more

The March 1 Deadline for NY DFS Cyber Compliance: One Week to Go!

by Locke Lord LLP on

As we reported here, March 1, 2018 brings a new transition date, with a new set of compliance obligations for Covered Entities subject to the Cybersecurity Regulation of the New York Department of Financial Services. By...more

NY DFS Cybersecurity Compliance Certificate Required Today; Additional Requirements Looming

by Locke Lord LLP on

As previously warned, February 15, 2018 is the first annual deadline for individuals and companies licensed or otherwise authorized under the New York Insurance, Banking and Financial Services laws (defined as Covered...more

787 Results
|
View per page
Page: of 32
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.