New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Hybrid Workforces and Compliance with Sheila Limmroth
HIPPA: Privacy & Security and Potential Rule Changes
With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more
December 2024 was an active month for the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"). OCR announced (i) a $1.19 million civil monetary penalty ("CMP") against Gulf Coast Pain...more
A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more
As we reflect on the flurry of activity in the health care data privacy and security space in 2023 and look ahead to what will continue to be a busy 2024, we are seeing the early stages of federal agency movement to align the...more
2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more
October has been a busy month for the OCR, which is tasked with enforcing the regulations issued under HIPAA. In the past week, the OCR released two new guidance documents aimed at reducing the privacy and security risks...more
On October 18, 2023, the Office for Civil Rights (OCR) of the US Department of Health and Human Services (HHS) issued two resource documents to help explain the privacy and security risks to patients’ protected health...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
In a December 2022 bulletin published by the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS), HHS made clear that the use of third-party tracking technologies by covered entities and business...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
Report on Patient Privacy 22, no. 8 (August, 2022) - Oklahoma State University Center for Health Sciences’ (OSUCHS) breach might not have seemed all that serious at the time: No data is believed to have been misused,...more
On June 9, 2021, OCR distributed an update to those on its Privacy List sharing links to alerts and resources for addressing the growing number and size of ransomware incidents. One such resource included a White House memo...more
Report on Patient Privacy 21, no. 5 (May 2021) - Given the hundreds of thousands of HIPAA covered entities (CEs) and business associates (BAs) and the two dozen or so enforcement actions the HHS Office for Civil Rights...more
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more
As the decade winds down, it’s hard to believe that the HIPAA Privacy and Security Rules are almost twenty years old. It has been ten years since the U.S. Department of Health and Human Services (HHS) Office for Civil Rights...more
Organizations that meet the definition of "covered entity" under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) must be diligent to maintain the privacy and security...more