Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more
Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more
On January 23, 2020, the United States District Court for the District of Columbia declared sections of the 2013 Omnibus Rule unlawful. The Court found that the Department of Health and Human Services (HHS) impermissibly...more
New guidance issued by the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) reaffirms that business associates must have proper HIPAA compliance practices, safeguards and documentation in place...more
Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus...more
The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more
This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more
Just days before the September 23, 2013 enforcement date for the new HITECH Act Omnibus rules, the Department of Health and Human Services' Office for Civil Rights has published several new guidance tools and documents. On...more
The HHS Office of Civil Rights (OCR) recently released several versions of a model Notice of Privacy Practices (NPP) for use by covered entity health plans and health care providers. The notices have been written specifically...more
The HIPAA Privacy Regulations have long required covered entities to seek a patient authorization in order to use or disclose protected health information ("PHI") for marketing purposes. However, the Office for Civil Rights...more
There are now less than 60 days left for covered entities and business associates to implement provisions set forth in the final omnibus HIPAA/HITECH rules issued by the U.S. Department of Health and Human Services (HHS) in...more
If you haven’t focused on HIPAA lately, now is the time....more
A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more
If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more
On March 22, 2013, Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) Director Leon Rodriguez presented the keynote address to attendees of the American Health Lawyers’ Association HIPAA/HITECH Conference in...more
The U.S. Department of Health and Human Services recently released its final regulations – also known as the “Final Rule” or “Omnibus Rule” – modifying the privacy, security, breach notification and enforcement rules...more
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) published the highly anticipated Omnibus Rule, which makes extensive changes (as promulgated by the Health Information Technology for Economic and...more
On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more
The United States Department of Health and Human Services (the “Department” or “HHS”) issued the “Omnibus” Final Rule (the “Final Rule”) on January 17th, 2013. The Final Rule contains long-awaited rules and clarifications...more
In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more
On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more
In This Issue: - Right to Access Protected Health Information - Restrictions on Health Plan Disclosures - Guidance on How to Comply With the Expanded Patient Rights ..Evaluate Electronic Systems ..Revise...more
As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more
The Office for Civil Rights of the Department of Health and Human Services (“OCR”) has issued final regulations modifying the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security, Breach...more