News & Analysis as of

Mobile Devices Office of Civil Rights Protected Health Information

BakerHostetler

Let’s Get Physical - OCR Issues Reminder that HIPAA Security Isn’t Just Technical

BakerHostetler on

While most entities that are subject to the HIPAA Security Rule spend considerable time and effort ensuring that they have implemented appropriate administrate and technical safeguards to protect the health information that...more

BakerHostetler

OCR Provides Guidance on the Privacy of Data Stored on Health Apps and Mobile Devices

BakerHostetler on

In the wake of the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, many individuals and organizations have expressed uncertainty about the protection afforded to data stored on health apps,...more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert | December 2019

SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more

Saul Ewing LLP

Large New York State Health System Agrees To Pay $3 Million For Its Failure to Repeatedly Encrypt Mobile Devices

Saul Ewing LLP on

On November 5, 2019, the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) announced a $3 million settlement with the University of Rochester Medical Center (URMC) to settle potential...more

McGuireWoods LLP

Unencrypted Mobile Devices Cost Medical Center $3 Million In HIPAA Settlement

McGuireWoods LLP on

In one of this year’s largest HIPAA settlements, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) is set to collect $3 million from the University of Rochester Medical Center (URMC). This...more

Mintz - Health Care Viewpoints

Latest OCR Cybersecurity Newsletter Tackles Mobile Devices

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released its October Cybersecurity Newsletter last week with a focus on mobile devices. Given the amount of work conducted on mobile devices...more

Obermayer Rebmann Maxwell & Hippel LLP

Securing ePHI in a Mobile Health World

Could a lost cell phone or laptop cost your organization millions of dollars? Mobile devices have enabled vast improvements in the efficiency and quality of healthcare delivery. ...more

Sherman & Howard L.L.C.

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

King & Spalding

HHS-OCR Announces Guidance On HIPAA Compliance And Cloud Computing

King & Spalding on

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more

Robinson+Cole Data Privacy + Security Insider

Oregon Health & Science University pays $2.7M penalty for data breaches

Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more

Polsinelli

Recent Enforcement Action: Business Associates Not Off the Hook

Polsinelli on

Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more

Dechert LLP

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Dechert LLP on

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Lathrop GPM

Business Associate Settles HIPAA Investigation for $650,000

Lathrop GPM on

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

Robinson+Cole Data Privacy + Security Insider

OCR levies first fine ever directly against business associate

Our predictions that the Office for Civil Rights (OCR) will become more aggressive with audits, investigations, and fines against HIPAA business associates has come true. On June 24, 2016, the OCR announced that it has...more

Foley Hoag LLP - Security, Privacy and the...

Bad News for HIPAA Business Associates: HHS OCR Announces $650,000 Settlement for BA Breach

Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more

Obermayer Rebmann Maxwell & Hippel LLP

Hospital’s Turkey Dinner Is $850,000 Fine for Failure to Secure Mobile Medical Devices

Just before Thanksgiving, Lahey Hospital and Medical Center (“Lahey”), a non-profit teaching hospital located in Burlington, Massachusetts, agreed to pay $850,000 for a breach of unsecured electronic protected health...more

Womble Bond Dickinson

Is Your HIPAA Compliance Program Ready for the FTC?

Womble Bond Dickinson on

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

Mintz - Privacy & Cybersecurity Viewpoints

Privacy Tuesday: December 2014 – The Twelve Days of Privacy 2014

Our series last year was a reader favorite, so we decided to put our prognosticator hats on again and present: Rather than look back at 2014, starting tomorrow, the Privacy & Security blog will count down The 12 Days...more

Cozen O'Connor

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

Cozen O'Connor on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

Pullman & Comley, LLC

Why Medical Providers Should Take Caution with Sensitive Information, Especially With Mobile Devices

Pullman & Comley, LLC on

We continue to hear reports of large-scale data breaches that involve the loss or theft of thousands of records containing personally identifiable information of individuals (PII). If such a loss or theft is determined to...more

BakerHostetler

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

BakerHostetler on

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

Morgan Lewis

OCR Reaches $50,000 Settlement with Hospice for Small Data Breach

Morgan Lewis on

Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more

Baker Donelson

Are Your Mobile Devices HIPAA Compliant? Practical Steps to Ensure Compliance

Baker Donelson on

Mobile device use is becoming more commonplace in health care. Health care professionals use text messaging to communicate with each other about patient status. Medical schools now provide residents tablets to use as...more

23 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide