In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
Health Care Organizations Saw an 89% Increase in Ransomware in 2017 - Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the...more
On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels”...more
As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more
On August 4, 2016, the Office for Civil Rights (“OCR”) of the U.S. Health & Human Services Department (“HHS”) announced a $5.55 million HIPAA settlement with Advocate Health Care Network (“Advocate”), the largest...more
In our April 8, 2016, advisory, we discussed the U.S. Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR) “Phase 2” audit program. Then, we could only make educated guesses about what documents OCR...more
Federal regulators announced last week that Illinois’ largest hospital chain would pay $5.5 million, a record payment under the Health Insurance Portability and Accountability Act (HIPAA), in connection with three 2013 data...more
On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more
For years, many questioned whether the HIPAA privacy and security rules would be enforced. The agency responsible for enforcement, Health and Human Services’ Office for Civil Rights (OCR), promised it would enforce the rules,...more
On July 11, 2016, the Office of Civil Rights (“OCR”) at the Department of Health and Human Services issued new HIPAA guidance regarding the growing epidemic of malicious computer software known as “ransomware”....more
What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more
Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more
The Office of Civil Rights (OCR) of the Department of Health and Human Services has moved forward with Phase 2 of its Health Insurance Portability and Accountability Act of 1996 (HIPAA) audit program. On Monday, July 11,...more
The last couple of years have brought a steady rain of bad news for the healthcare industry when it comes to data security: Insurers faced with massive data breaches affecting thousands of health plans and millions of...more
It’s common for employers outside the healthcare industry to believe they can avoid issues brought about by the Health Insurance Portability and Accountability Act (HIPAA) and other health plan data laws. After all, most...more
K&S Client Alert: Third Try Is A Charm: Defend Trade Secrets Act Of 2015 Enacted Into Law—For the third consecutive year, Congress introduced legislation to create a federal civil cause of action for trade secret...more
Recent settlements and initiatives conducted by the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services highlight the continuing need for focus on compliance with the privacy and security...more
A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more
Special Focus on “Safe Harbor 2.0,” Privacy Shield and E.U. Data Transfers: Alston & Bird’s privacy team has been closely following the development of Privacy Shield, the proposed successor to the E.U.-U.S. Safe Harbor...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more
The world of privacy grows every day as more data goes through the cloud. The new trends and weekly data breaches make conferences like the Global Privacy Summit all the more relevant. Earlier this month we went to...more
Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more