News & Analysis as of

Data Breach HITECH Act Office of Civil Rights

Benesch

Annual Report to Congress on Breaches of Unsecured Protected Health Information

Benesch on

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more

BakerHostetler

HHS OCR Provides Annual Report to Congress Detailing 2022 Enforcement Activities

BakerHostetler on

On Feb. 16, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published its 2022 Annual Report to Congress. ...more

Saul Ewing LLP

HHS OCR Issues Its Most Recent HIPAA Annual Report and a Second Ransomware Settlement

Saul Ewing LLP on

On February 14, 2024, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) issued two reports to Congress as required by the Health Information Technology for Economic and Clinical Health...more

BakerHostetler

HHS Announces New Divisions to Address Weighty Case Load

BakerHostetler on

On February 27, 2023, the U.S. Department of Health and Human Services (HHS) announced that its law enforcement agency – the Office for Civil Rights (OCR) – will reorganize, adding new divisions to better address the rapid...more

Saul Ewing LLP

HHS OCR Publishes 2021 HIPAA Complaint and Breach Reports

Saul Ewing LLP on

The 2021 calendar year reports from HHS OCR describe OCR’s efforts that calendar year and are instructive tools for all parties who need to comply with HIPAA to understand macro-level trends....more

Ankura

Behind the Expert: Applying a Proactive Approach to Healthcare Compliance with Nancy Waltermire

Ankura on

"Rather than reacting, you must be proactive and preventive. By doing this, you will not only be prepared for the potential obstacles that face your company, but you will most likely eliminate obstacles before they appear." ...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 22, Number 11. MD Anderson Won Against OCR, But Agency’s Response—Including on Fines—Keeps...

Report on Patient Privacy Volume 22, Number 11. (November 2022) Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more

Woods Rogers

HIPAA Security Rule: What are “Recognized Security Practices” and why are they important?

Woods Rogers on

A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Sheppard Mullin Richter & Hampton LLP

Learning from the Mistakes of Others: OCR Releases Audit Report

The HHS Office for Civil Rights released, at the end of last year, findings from audits it conducted in 2016 and 2017 of 166 covered entities and 41 business associates. The report represents the periodic audit that the...more

Mintz - Privacy & Cybersecurity Viewpoints

Health Care Data Breaches Are Increasing Both in Number and Cost

It feels like we’ve been seeing a lot more health care breaches caused by hackers and other IT security incidents, and there’s a good reason why: a recent report by cloud security company Bitglass confirms that both the...more

Sheppard Mullin Richter & Hampton LLP

2019 Year in Review: Notable Changes in Law, Policy, and Enforcement of HIPAA

According to a December 20, 2019 Report by HIPAA Journal, nearly 39 million health care data breaches had been reported to the U.S. Department of Health and Human Services (“DHHS”), Office of Civil Rights (“OCR”) by the end...more

Jones Day

HHS Releases Guidance on Direct Liability for Business Associates Under HIPAA

Jones Day on

The Situation: On May 24, 2019, the Department of Health and Human Services ("HHS") issued a new fact sheet clarifying business associates' direct liability for violations of the Health Insurance Portability and...more

Polsinelli

HHS’s Enforcement Discretion Notice May Signal More Potential Violations

Polsinelli on

The HHS Office for Civil Rights (“OCR”) issued a notice in the Federal Register regarding its Enforcement Discretion (84 Fed. Reg. 18151) on April 30, 2019. HHS announced that HHS will now apply a different cumulative annual...more

Ballard Spahr LLP

HHS Decreases Maximum HIPAA Penalties

Ballard Spahr LLP on

The Department of Health and Human Services has announced that it is lowering the maximum amount it will assess for most types of HIPAA violations. Although the change is couched as an exercise of discretion, HHS states that...more

Sheppard Mullin Richter & Hampton LLP

Cybersecurity, Inside Jobs, Outside Jobs, and HIPAA

According to a February 12, 2019 Press Release from Protenus, a developer of analytics for patient privacy monitoring and compliance, 15,085,302 patient records were breached in 2018 – a startling number made even more...more

McGuireWoods LLP

Federal Enforcement Isn’t the Only HIPAA Concern—States Flex Their Muscles

McGuireWoods LLP on

Despite the lack of significant settlements for HIPAA enforcement by the federal Office of Civil Rights (OCR) so far in 2018, states have not hesitated to patrol privacy and security breach activity and take action against...more

Mintz - Health Care Viewpoints

Bah, Humbug! HIPAA Compliance Isn’t Getting Any Easier

As we look back on 2017, one message is clear: don’t be a Scrooge when it comes to HIPAA compliance. With ever-evolving security threats and unrelenting enforcement, regulated entities must maintain a spirit of compliance...more

Williams Mullen

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

Mintz - Health Care Viewpoints

The HIPAA “Wall of Shame” is Now Easier to Navigate

Last week, the HHS Office for Civil Rights (OCR) launched an improved version of their HIPAA Breach Reporting Tool (HBRT), commonly referred to by OCR and regulated entities alike as the HIPAA “Wall of Shame.” OCR has also...more

Davis Wright Tremaine LLP

DWT Releases Latest Health Care Breach Charts

Following the HITECH Act, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued regulations requiring HIPAA covered entities to provide certain notifications for breaches of unsecured...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Morgan Lewis

OCR Begins HIPAA Phase 2 Audits

Morgan Lewis on

What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more

Holland & Knight LLP

What's New with HIPAA?

Holland & Knight LLP on

A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more

Patterson Belknap Webb & Tyler LLP

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

68 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide