HIPAA Security Rule, HIPAA Breach, Department of Health and Human Services (HHS)

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on 1/2/2025

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Providers Face HIPAA Compliance Questions After Change Healthcare Cyberattack

ArentFox Schiff on 6/19/2024

Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more

Avoiding HIPAA Penalties: A Checklist for Covered Entities

Holland & Hart LLP on 5/30/2024

The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

Health Care Compliance Association (HCCA) on 1/17/2024

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Wandering through the Consumer Health Data Privacy & Security Forest? There is a guide for that.....

Mintz on 9/15/2023

If you are in the consumer health space, you have (or at least we hope you have...) figured out by now that there are health-related privacy and security laws and regulations that apply to your business. The Federal Trade...more

OCR Cracks Down on Electronic Protected Health Information Breaches under HIPAA

Holland & Hart LLP on 2/7/2023

The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) entered into a Resolution Agreement (“Agreement”) with Banner Health on behalf of Banner Health Affiliated Covered Entities (“Banner”) to remedy...more

Fifth Circuit Decision Motivates Covered Entities to Appeal Unreasonable Enforcement Outcomes

Faegre Drinker Biddle & Reath LLP on 2/9/2021

The United States Court of Appeals for the Fifth Circuit (the “Court”) vacated a $4,348,000 civil monetary penalty (“CMP”) imposed by the U.S. Department of Health and Human Services’ Office for Civil Rights (“HHS-OCR”) in...more

What Does the Fifth Circuit’s Vacating of HHS HIPAA Fines Mean for Companies This Year?

Sheppard Mullin Richter & Hampton LLP on 2/9/2021

Will HHS’ approach for imposing penalties in the aftermath of a data breach become a little clearer in 2021? This is a distinct possibility in the wake of a Fifth Circuit decision vacating penalties against MD Anderson Cancer...more

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on 8/20/2020

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

Under New Settlement, Ambulance Co. Pays OCR $65K, Must Quickly Encrypt Computers

Health Care Compliance Association (HCCA) on 1/13/2020

Report on Patient Privacy 20, no. 1 (January 2020) - In the waning days of 2019, the HHS Office for Civil Rights (OCR) didn’t halt the HIPAA enforcement momentum it had built up during the last quarter of the year, dinging...more

HIPAA Security Rule › HIPAA Breach › Department of Health and Human Services (HHS)

"My best business intelligence, in one easy email…"