News & Analysis as of

Mobile Devices Protected Health Information

Internet of Things Issues Guide

by Hogan Lovells on

Devices that formerly existed in only the physical world are now entering the digital world, and as a result, the Internet of Things (IOT) is here. Both familiar and unfamiliar objects are part of the IOT: toothbrushes...more

Latest OCR Cybersecurity Newsletter Tackles Mobile Devices

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released its October Cybersecurity Newsletter last week with a focus on mobile devices. Given the amount of work conducted on mobile devices...more

Securing ePHI in a Mobile Health World

Could a lost cell phone or laptop cost your organization millions of dollars? Mobile devices have enabled vast improvements in the efficiency and quality of healthcare delivery. ...more

Another HIPAA Settlement: Stolen Laptop Costs $2.5 Million Plus Encryption Requirement

by Perkins Coie on

The U.S. Department of Health and Human Services (HHS) recently announced yet another HIPAA privacy and security settlement involving Protected Health Information (PHI) on a stolen laptop. Although this might be seen as just...more

First HIPAA Settlement Involving Wireless Health Services Provider

by Poyner Spruill LLP on

We have previously written that the Internet of Things continues to spawn new cybersecurity and privacy concerns. These vulnerabilities have already served as plot devices for shows such as Homeland. Now, the U.S. Department...more

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

by Sherman & Howard L.L.C. on

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

HHS-OCR Announces Guidance On HIPAA Compliance And Cloud Computing

by King & Spalding on

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more

On the Trail for Pokémon – and HIPAA Compliance

by Davis Wright Tremaine LLP on

Pikachu, Alakazam, Bulbasaur, Charmander, and Squirtle can teach us a few things about HIPAA privacy. Pokémon GO is a recent craze encouraging people to try to catch’em all. As a result, employees, clients, and patients are...more

Oregon Health & Science University pays $2.7M penalty for data breaches

Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more

Recent Enforcement Action: Business Associates Not Off the Hook

by Polsinelli on

Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

by Dechert LLP on

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Business Associate Settles HIPAA Investigation for $650,000

by Lathrop Gage on

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

OCR levies first fine ever directly against business associate

Our predictions that the Office for Civil Rights (OCR) will become more aggressive with audits, investigations, and fines against HIPAA business associates has come true. On June 24, 2016, the OCR announced that it has...more

Bad News for HIPAA Business Associates: HHS OCR Announces $650,000 Settlement for BA Breach

Catholic Health Care Services of the Archdiocese of Philadelphia (“CHCS”), a HIPAA business associate, has agreed to pay the Department of Health and Human Services Office of Civil Rights (“OCR”) $650,000 in connection with a...more

Maintaining Patient Privacy In The Digital Age

by Fisher Phillips on

Those in the heavily regulated healthcare industry know that patient information is sacrosanct. And for good reason; improper handling can result in hefty fines or criminal prosecution under the Health Insurance Portability...more

Hospital’s Turkey Dinner Is $850,000 Fine for Failure to Secure Mobile Medical Devices

Just before Thanksgiving, Lahey Hospital and Medical Center (“Lahey”), a non-profit teaching hospital located in Burlington, Massachusetts, agreed to pay $850,000 for a breach of unsecured electronic protected health...more

HIPAA and Text Messaging

by LeClairRyan on

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

Is Your HIPAA Compliance Program Ready for the FTC?

by Womble Bond Dickinson on

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

Recent Enforcement Shows the Importance of Encrypting Mobile Devices Containing Protected Health Information

by Foley & Lardner LLP on

With headlines every day announcing another release of Protected Health Information (PHI), providers are asking themselves – is there a way to protect against these breaches? Beyond improving the security of large...more

Mobile Health Devices and Cybersecurity: Federal Guidance for Management of Threats in Medical Devices

by Polsinelli on

New Technology = New Threats - With new technology comes new security concerns. But when that new technology is in the medical field, the cybersecurity vulnerabilities can be particularly devastating. The...more

“Bring Your Own Device” To Work Programs: Regulatory and Legal Risks and How To Minimize Them

by Poyner Spruill LLP on

If you’ve ever left your mobile phone on an airplane, in a restaurant, or somewhere other than in your possession, you know it’s frightening enough to think of losing the device itself, which costs a premium, as well as your...more

Is Your Mobile Health App HIPAA Compliant?

Mobile health apps (also known as mHealth apps) are increasingly popular with consumers. As of 2014, there were more than 100,000 mobile health apps available on iOS and Android platforms, and total revenue from mobile health...more

Privacy Tuesday: December 2014 – The Twelve Days of Privacy 2014

Our series last year was a reader favorite, so we decided to put our prognosticator hats on again and present: Rather than look back at 2014, starting tomorrow, the Privacy & Security blog will count down The 12 Days...more

Failure to Encrypt Mobile Devices = Nearly $2 Million in Settlements

by Cozen O'Connor on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled for the collective amount of $1,975,220 with Concentra Health Services (Concentra) and QCA Health Plan, Inc. (QCA). The settlements stem...more

Birmingham Medical News: I-Phone Or HIPAA-Phone?

by Burr & Forman on

With the recent issuance of the long-awaited final rule by the Department of Health and Human Services ("HHS"), the protection of patient information has been a hot topic among the health care industry the past few months....more

31 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.