News & Analysis as of

Covered Entities Cybersecurity Business Associates

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Fisher Phillips

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

Sheppard Mullin Richter & Hampton LLP

HHS’ Last-Minute Holiday Gift: Proposed Changes to the HIPAA Security Rule

The U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (the “Proposed Rule”) on December 27, 2024, to significantly amend HIPAA’s Security Rule, which sets forth the security standards...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more

Brooks Pierce

OIG Recommends Changes to HIPAA Audit Program to Strengthen Data Protections, Implications for Regulated Entities

Brooks Pierce on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Winstead PC

HIPAA Gets a Potential Counterpart in HISAA

Winstead PC on

Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more

McGuireWoods LLP

Ounce of Prevention: Are You Keeping Track of Your Business Associate Agreements’ Requirements?

McGuireWoods LLP on

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Fisher Phillips

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

McGuireWoods LLP

Ounce of Prevention: Do You Have Business Associate Agreements With Every Required Party?

McGuireWoods LLP on

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Health Care Compliance Association (HCCA)

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Dorsey & Whitney LLP

Significant New Healthcare Privacy and Cybersecurity Developments

Dorsey & Whitney LLP on

As the federal government continues to take action in response to events impacting the healthcare landscape, stakeholders must ensure that they are staying up-to-date with health information privacy and security developments...more

Wilson Sonsini Goodrich & Rosati

OCR at HHS Updates Guidance on Use of Online Tracking Technology by HIPAA-Regulated Entities

On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Dorsey & Whitney LLP

HIPAA on the Horizon in the New Year: Important Lessons from an Active 2023 and Regulatory Initiatives to Watch for in 2024

Dorsey & Whitney LLP on

2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more

BakerHostetler

OCR’s October Initiatives: Strengthening Telehealth Security and HIPAA Compliance

BakerHostetler on

October has been a busy month for the OCR, which is tasked with enforcing the regulations issued under HIPAA. In the past week, the OCR released two new guidance documents aimed at reducing the privacy and security risks...more

Mintz - Health Care Viewpoints

OCR Cybersecurity Newsletter Emphasizes Significance of HIPAA Sanction Policies

The Office for Civil Rights (OCR) recently offered covered entities and business associates (Regulated Entities) not-so-subtle reminders in its October 2023 Cybersecurity Newsletter that effective sanction policies can...more

Health Care Compliance Association (HCCA)

[Event] 2023 Healthcare Enforcement Compliance Conference - November 5th - 7th, Washington, DC

Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us at HCCA’s Annual Healthcare Enforcement Compliance Conference to...more

K&L Gates LLP

Health Care Triage: Cybersecurity & HIPAA: NIST’s Practical Guidance Updates for Covered Entities and Business Associates

K&L Gates LLP on

In this episode, Rebecca Schaefer and J.D. Koesters review key components of the recent National Institute of Standards and Technology (NIST) revised publication regarding cybersecurity. They highlight how this resource...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Arnall Golden Gregory LLP

Recent OCR HIPAA Enforcement Actions and Request for Information on HITECH Implementation

Enforcement Actions - In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more

Wyrick Robbins Yates & Ponton LLP

Any Port in a Storm? OCR Seeks Comments on HIPAA “Safe Harbor” for Recognized Security Practices

Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more

Health Care Compliance Association (HCCA)

Safeguards in New National Network Include Insurance, App Mandates, Cybersecurity Council

Report on Patient Privacy 22, no. 2 (February, 2022) - The new national health information network calls for a number of privacy and security safeguards and standards that, in some instances, exceed what HIPAA covered...more

Health Care Compliance Association (HCCA)

2022 Outlook: More Dangerous Ransomware Coupled With Inadequate Security Practices

Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more

90 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide