Hybrid Workforces and Compliance with Sheila Limmroth
HIPPA: Privacy & Security and Potential Rule Changes
Compliance Perspective: What's New in Healthcare Privacy
Welcome to our fourth issue of 2025 of The Health Record -- our healthcare law insights e-newsletter. In this edition, we look at prior authorization transparency and physician decision-making; the impact of Medicaid cuts...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has renewed its focus on two critical areas of HIPAA compliance: risk analysis and individual right of access. These enforcement...more
In terms of healthcare data breaches, 2024 was the worst year ever, with the records of at least 53% of the U.S. population involved and two of the biggest healthcare data breaches of 2024 ranking in the top 10 of all time. ...more
Can you remember healthcare security 20+ years ago? It seems like a different world from now. Believe it or not, the HIPAA Security Rule has barely changed since it was first enacted in 2003 and has been long overdue for a...more
During the first weeks of the second Trump Administration, a number of executive orders and other actions have been implemented, with some having potential implications for employee benefits. Executive Orders can, and do,...more
The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more
“Almost every stage of modern healthcare relies on stable and secure computer and network technologies.” The above is a direct quote from the Office of Civil Rights for Health & Human Services (“OCR”) in its proposed...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) appears to have made cybersecurity its New Year’s resolution. The first few weeks of 2025 have already brought with them proposed amendments to...more
On January 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more
119th Congress Begins. The new Congress began with key membership announcements for relevant healthcare committees. Cures 2.1 White Paper Published. The document outlines the 21st Century Cures 2.1 legislative proposal,...more
On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) delivered a late-December surprise: a draft overhaul of the Health Insurance Portability and Accountability Act of 1996’s (HIPAA) Security Rule....more
‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more
The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), which enforces HIPAA, recently announced a new enforcement initiative, the Risk Analysis Initiative, in conjunction with OCR’s seventh...more
Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more
Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more
Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more
Updates to the Health Insurance Portability and Accountability Act Security Rule (“HIPAA Security Rule”) are planned for Spring 2024. New guidance from The Department of Health and Human Services (“HHS”) via a recently...more
If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more
The Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have recently launched a joint HIPAA Security Risk Assessment (SRA) Tool. The tool is designed to assist...more
In June 2022, the U.S. Department of Health and Human Services (HHS) issued new guidance on the use of remote communication technologies to deliver audio-only telemedicine in compliance with the Health Insurance Portability...more
Every October, in recognition of National Cybersecurity Awareness Month, the federal government and its partners work to educate stakeholders on cybersecurity awareness and how best to protect the privacy and security of...more
The U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) recently released new guidance (the “Guidance”) to help ensure that individuals may continue to benefit from audio-only telehealth...more
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently issued new guidance (Guidance) on the use of remote communication technologies to deliver audio-only telehealth in accordance with...more