News & Analysis as of

Health Information Technology for Economic and Clinical Health Data Breach

The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted in 2009, as part of the American Recovery and Reinvestment Act. The Act seeks to promote the adoption and use of health... more +
The Health Information Technology for Economic and Clinical Health Act (HITECH) was enacted in 2009, as part of the American Recovery and Reinvestment Act. The Act seeks to promote the adoption and use of health information technology. One of the key provisions of the Act establishes a national network of electronic health records.  less -

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

by Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

What to Do When You Find Yourself in the Data Breach Club

by Miles & Stockbridge P.C. on

In the wake of the latest massive data breach, this one involving Equifax, more and more companies are likely wondering what they should do in the event that they are faced with a data breach that exposes the personal data of...more

Enhanced HHS HIPAA Breach Reporting Tool May Aid Health Care Industry Data Security Efforts

by Jackson Lewis P.C. on

Secretary Tom Price of the U.S. Department of Health and Human Services (HHS) announced his agency needs “to focus more on the most recent breaches and clarify when entities have taken action to resolve the issues that might...more

The HIPAA “Wall of Shame” is Now Easier to Navigate

Last week, the HHS Office for Civil Rights (OCR) launched an improved version of their HIPAA Breach Reporting Tool (HBRT), commonly referred to by OCR and regulated entities alike as the HIPAA “Wall of Shame.” OCR has also...more

Health Care E-Note - July 2017

by Burr & Forman on

Everywhere you look these days, there seems to be another report of a cyberattack -- attacks which do not discriminate based on industry type, size of business, or impact. In other words, everyone is vulnerable. In fact, the...more

New York State Enforces Data Breach Notification Law

Earlier this month, New York Attorney General Eric Schneiderman announced his state had entered into a settlement with CoPilot Provider Support Services, Inc. (CoPilot)—a settlement resulting from CoPilot’s violation of the...more

DWT Releases Latest Health Care Breach Charts

by Davis Wright Tremaine LLP on

Following the HITECH Act, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued regulations requiring HIPAA covered entities to provide certain notifications for breaches of unsecured...more

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

by Alston & Bird on

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

HHS Publishes New Guidance on HIPAA and Cloud Computing

by Stinson Leonard Street on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Ransomware? Don’t Pay It, Says FBI

by Orrick - Trust Anchor on

What should companies do when ransomware hits? The FBI says: (a) report it to law enforcement and (b) do not pay the ransom. Given the recent onslaught in ransomware attacks—such as a 2016 variant that compromised an...more

Sixth Circuit Affirms Dismissal of False Claims Act Case Based on HITECH Data Breach

by Ropes & Gray LLP on

In United States ex rel. Sheldon v. Kettering Health Network, 816 F.3d 399 (6th Cir. 2016), the Sixth Circuit affirmed the lower court’s dismissal of a False Claims Act (“FCA”) suit based on a data breach involving electronic...more

OCR Announces Initiative to Amplify Investigations of Breaches Affecting Fewer than 500 Individuals

by Ropes & Gray LLP on

Taking another step toward more aggressive enforcement under the Health Insurance Portability and Accountability Act (“HIPAA”), on August 18, 2016, the U.S. Department of Health & Human Services (“HHS”) Office for Civil...more

OCR Begins HIPAA Phase 2 Audits

by Morgan Lewis on

What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more

Cybersecurity News & Notes – June 2016 #3

In Case You Missed It: Illinois strengthened its data privacy and security law, with the amendments going into effect in January 2017. The amendments include expanding the definition of “personal information” to include a...more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more

Protecting Health Plan Information Is More Important Than Ever

by Fisher Phillips on

It’s common for employers outside the healthcare industry to believe they can avoid issues brought about by the Health Insurance Portability and Accountability Act (HIPAA) and other health plan data laws. After all, most...more

Illinois Enacts Sweeping Changes to the Illinois Personal Information Protection Act

by BakerHostetler on

On May 6, 2016, Illinois joined a growing number of states that have strengthened their data breach notification requirements and expanded the definition of protected personal information. Effective January 1, 2017, HB1260...more

What's New with HIPAA?

by Holland & Knight LLP on

A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Tennessee Gives Businesses 45 Days for Data Breach Notice

by Davis Wright Tremaine LLP on

Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more

Appeals Court Confirms that HITECH Violations Do Not Violate FCA

by Polsinelli on

In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator's claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives...more

Sixth Circuit Affirms Dismissal of FCA Claim Based on Health Data Breaches

The U.S. Court of Appeals for the Sixth Circuit recently affirmed the dismissal of a False Claims Act (FCA) case premised on protected health data breaches. In United States ex rel. Sheldon v. Kettering Health Network, the...more

State AGs Upping the Ante on Health (and Other) Information Data Incidents – Expect Increased Enforcement Actions

by Reed Smith on

State attorneys general (AGs) continue to emerge as major regulators of privacy, and increasingly, with respect to compromises of health-related data. Businesses concerned with U.S. customer or employee data have long...more

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

by Winstead PC on

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

HHS OCR Announces Launch Of Long-Awaited Phase 2 HIPAA Audit Program

by King & Spalding on

On March 21, 2016, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced the launch of its Phase 2 HIPAA compliance audits pursuant to which it will audit covered entities and...more

121 Results
|
View per page
Page: of 5
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.