While some of the legal requirements on your organization can seem overly burdensome, there are times when legal requirements also align nicely with what makes good business sense. Risk assessments in the healthcare industry...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
We expect 2018 to be another year of rapid change within the health care industry. In this episode, Mary Beth Johnston highlights some of the key topics that the health care practice group will monitor in the coming year,...more
Health Care Organizations Saw an 89% Increase in Ransomware in 2017 - Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the...more
Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more
Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more
On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels”...more
The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has posted an alert (and a follow-up alert) warning health plans, health care providers, and their vendors of a mock communication...more
Covered Entities and Business Associates may be ringing in the New Year with the prospect of responding to on-site HIPAA audits by federal regulators. The U.S. Department of Health and Human Services Office for Civil Rights...more
Phase 2 Audits of Business Associates: The Department of Health and Human Services, Office for Civil Rights (OCR) is in the process of conducting its phase 2 audits of Covered Entities and Business Associates. “Covered...more
The Office of Civil Rights (OCR) recently uploaded two items of interest: information regarding the largest penalty to date against a single entity, Advocate Health Care Network (Advocate), and HIPAA Phase II Desk Audit...more
Federal regulators announced last week that Illinois’ largest hospital chain would pay $5.5 million, a record payment under the Health Insurance Portability and Accountability Act (HIPAA), in connection with three 2013 data...more
Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more
On July 12, 2016, HHS’s Office for Civil Rights (OCR) distributed an e-mail discussing recent developments in Phase II of its HIPAA audit program....more
The Office of Civil Rights (OCR) of the Department of Health and Human Services has moved forward with Phase 2 of its Health Insurance Portability and Accountability Act of 1996 (HIPAA) audit program. On Monday, July 11,...more
Featuring Iliana L. Peters, J.D., LL.M., Senior Advisor for HIPAA Compliance and Enforcement at the HHS Office for Civil Rights, and Members of Williams Mullen’s Health Care Practice...more
Our predictions that the Office for Civil Rights (OCR) will become more aggressive with audits, investigations, and fines against HIPAA business associates has come true. On June 24, 2016, the OCR announced that it has...more
On March 21, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), announced the launch of the 2016 Phase 2 Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Audit...more
The last couple of years have brought a steady rain of bad news for the healthcare industry when it comes to data security: Insurers faced with massive data breaches affecting thousands of health plans and millions of...more
In an effort to review and examine compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), the Department of Health and Human Services Office for Civil...more
Recent settlements and initiatives conducted by the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services highlight the continuing need for focus on compliance with the privacy and security...more
On March 21, 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced the launch of the long-awaited Phase 2 HIPAA Audit Program (Phase 2), and OCR activities related to Phase 2 are already...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more