Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
On February 8, 2024, the U.S. Department of Health & Human Services (HHS) released a final rule modifying 42 CFR Part 2 (Part 2) provisions regarding the confidentiality of Substance Use Disorder (SUD) Patient Records. The...more
After more than a year since the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) and Substance Abuse and Mental Health Services Administration (SAMHSA) issued the proposed changes to the...more
On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more
Last week, the Department of Health and Human Services (HHS) released a final rule intended to implement a 2020 modification to the federal substance use disorder (SUD) privacy statute. The final rule more closely aligns the...more
On the second to last business day of last year, the U.S. Court of Appeals for the Eighth Circuit addressed when a private organization can invoke the federal officer removal statute, 28 U.S.C. § 1442. If a private...more
The U.S. Department of Health and Human Services (HHS) has proposed to significantly revise rules governing patient records in substance use disorder (SUD) programs, commonly known as the Part 2 rules, with important...more
Report on Patient Privacy Volume 22, Number 11. (November 2022) Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced June 10, 2022 that it is producing a video presentation on “recognized security practices” as set forth in the recent amendment of...more
In the wake of the 2019 United States Department of Health and Human Services, Office of Civil Rights (“OCR”) enforcement actions against Bayfront Health St. Petersburg (“Bayfront”) and Korunda Medical, LLC (“Korunda”)...more
Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more
According to a December 20, 2019 Report by HIPAA Journal, nearly 39 million health care data breaches had been reported to the U.S. Department of Health and Human Services (“DHHS”), Office of Civil Rights (“OCR”) by the end...more
The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more
Imagine a breach in the privacy of protected health information. The violation of an individual’s HIPAA rights may be clear, but the individual cannot sue under HIPAA. Courts have consistently held that HIPAA provides no...more
On Jan. 3, 2018, the Substance Abuse and Mental Health Services Administration (SAMHSA) issued its final rule regarding the Confidentiality of Substance Use Disorder Patient Records Part 2. These changes become effective Feb....more
The Substance Abuse and Mental Health Services Administration (SAMHSA) has issued a final rule (Rule) updating the Confidentiality of Substance Use Disorder Records, 42 CFR part 2 (Part 2), to expand the circumstances under...more
Last week, the Connecticut Attorney General’s office announced that it had entered into a settlement agreement with the Hartford Hospital and its business associate vendor, the EMC Corporation (EMC), to resolve claims arising...more
The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more
Business Associate Agreements (BAAs), in the current regulatory and technological environment, require careful review and negotiation of the implementation of the regulatory requirements. In meeting the September 23, 2014...more
On December 5, 2013, the Office of Inspector General (OIG) reported on the Office for Civil Rights’ (OCR) compliance as of May 2011 with oversight and enforcement of the Security Rule and compliance with federal cybersecurity...more
On January 25, 2013, the Department of Health and Human Services (HHS) published the highly anticipated Health Insurance Portability and Accountability Act (HIPAA) Omnibus Final Rule (the “Final Rule”). The Final Rule...more
On January 17, 2013, the Office of Civil Rights of the U.S. Department of Health and Human Services (HHS) announced the omnibus final rulemaking (Omnibus Rule). According to HHS, this Omnibus Rule is needed to strengthen...more
"Sweeping changes" is how Leon Rodriquez, of the Department of Health and Human Services Office of Civil Rights (OCR), characterized the effect of the final omnibus Health Insurance Portability and Accountability Act (HIPAA)...more
On January 18, 2013, nearly four years after the passage of the HITECH Act and its amendments to HIPAA, and nearly three years after it proposed regulatory amendments, the U.S. Department of Health and Human Services (“HHS”)...more
Originally published in Health IT Law & Industry Report, on January 23, 2013. On Jan. 17, 2013, the Office for Civil Rights of the U.S. Department of Health and Human Services (‘‘HHS’’) issued a long-awaited omnibus rule...more
The final rule is significant for any organization that is considered to be a HIPAA covered entity (“CE”) (health systems, health care providers, health plans, etc.) or the more broadly defined business associate (“BA”)....more