News & Analysis as of

Office of Civil Rights

HIPAA Breach Reporting: 2017 Trends and Mends

by McGuireWoods LLP on

With 2017 having drawn to a close, it is once again time for HIPAA covered entities to complete their annual breach reporting obligations to the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”)....more

Let's Talk About The HHS "Conscience" Protections For Healthcare Employees

Here's what employers need to know. Yesterday, the U.S. Department of Health and Human Services and its Office of Civil Rights announced that they would be enhancing the legal protections for healthcare workers with...more

HHS OCR Announces a $2.3 Million HIPAA Settlement Bringing the Agency’s Settlement Total for 2017 to Over $19 Million

by Arnall Golden Gregory LLP on

On December 28th, the Department of Health and Human Services Office of Civil Rights (OCR) announced a $2.3 million settlement with 21st Century Oncology Inc. (21st Century) to settle potential violations of the HIPAA privacy...more

Legal Issues Business Leaders Need to Know in 2018

by Arnall Golden Gregory LLP on

In recent years, the CFPB has struck fear into the C-suites of financial services companies. The agency was extraordinarily active in rulemaking that addresses every aspect of lending, prepaid cards and arbitration clauses in...more

In a Class Action, a Federal Court Rejects HHS OCR Interpretation of ACA Section 1557 and Limits the Reach of Unintentional...

by Arnall Golden Gregory LLP on

In a class-action lawsuit, the Northern District of Illinois has deepened a pre-existing district-court split on a key legal question under Section 1557 of the ACA and, in doing so, explicitly rejected a pivotal HHS OCR...more

Data Privacy + Cybersecurity Insider - January 2018 #2

by Robinson & Cole LLP on

Health Care Organizations Saw an 89% Increase in Ransomware in 2017 - Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the...more

Health Care Organizations Saw an 89 percent Increase in Ransomware in 2017

Our experience last year is consistent with the conclusion of a new report issued by Cryptonite in its 2017 Health Care Cyber Research Report—that the number of hacking events targeted at health care entities involving...more

Lessons Learned from Recent OCR HIPAA Audits

Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more

HHS Office for Civil Rights Releases Research-Related HIPAA Guidance Required by 21st Century Cures Act

by Ropes & Gray LLP on

In December 2017, the U.S. Department of Health and Human Services Office for Civil Rights (“HHS OCR”) released two sets of guidance mandated by the 21st Century Cures Act, which was enacted in 2016 (the “Act”). The guidance...more

2017 Closes with $2 Million HIPAA Settlement

On December 28, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that 21st Century Oncology, Inc. (21CO) agreed to pay $2.3 Million in lieu of potential civil money...more

New HIPAA Guidance On Disclosure Of PHI Related To Opioid Abuse And Mental Health

by Fox Rothschild LLP on

In our most recent post, the Top 5 Common HIPAA Mistakes to Avoid in 2018, we noted that the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) has recently published guidance on disclosing protected...more

HIPAA Enforcement Update

by Locke Lord LLP on

With respect to enforcement, the Department of Health and Human Services, Office for Civil Rights (OCR) announced two Settlement Agreements to resolve allegations of HIPAA violations between May and October of 2017. Neither...more

Small Health Care Providers: Do You Really Know What Your IT Services Vendor is Providing to Secure Your Systems?

by BakerHostetler on

A small health care provider such as a physician office or clinic often will contract with an IT services vendor to meet overall IT needs to operate the business. A small health care provider may not have the resources and...more

WannaComply? OCR’s Application Of HIPAA’s Breach Notification Rule To Ransomware Attacks

by Ellis & Winters LLP on

Organizations worldwide are facing a new cybersecurity plague: ransomware attacks such as the recent, widely publicized, and global WannaCry[2] and Petya[3] outbreaks. In the typical case, after users click on a malicious...more

Bah, Humbug! HIPAA Compliance Isn’t Getting Any Easier

As we look back on 2017, one message is clear: don’t be a Scrooge when it comes to HIPAA compliance. With ever-evolving security threats and unrelenting enforcement, regulated entities must maintain a spirit of compliance...more

Health Care E-Note - December 2017

by Burr & Forman on

In Part One of his White Collar Courier series, Adam Overstreet detailed how the U.S. Department of Justice has focused its attention on the aggressive investigation and prosecution of “pill mill” cases. In Part Two, he...more

Data Privacy + Cybersecurity Insider - December 2017 #2

by Robinson & Cole LLP on

$64 Million in Bitcoin Stolen from NiceHash - Many are lamenting not purchasing bitcoin now that its value has skyrocketed. Recently, Massachusetts Secretary of State William Galvin warned investors to stay away from...more

OCR Warns Health Care Industry of Risks with Previous Employees

In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more

CAS Legal Mailbag Question of the Week – December, 2017

by Shipman & Goodwin LLP on

Dear Legal Mailbag: As the principal of a middle school, life is always interesting and I have learned a lot. However, last week something came up that I have heard about but never had to address. Originally published...more

Office of Civil Rights Issues Guidance on HIPAA in Light of Opioid Crisis

by Burr & Forman on

With an increased focus on opioid use and addiction, the Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) has issued guidance related to the Health Insurance Portability and Accountability Act of...more

ICYMI: PrivSec’s Weekly News Picks

by Davis Wright Tremaine LLP on

IAB Europe reported that it “presented a new technical standard to support the digital advertising ecosystem in meeting requirements relating to user consent under the General Data Protection Regulation (GDPR).” The...more

A Reminder of OCR Guidance Regarding Students With ADHD

by Tucker Arensberg, P.C. on

School Districts should keep in mind last year’s guidance from the U.S. Department of Education Office of Civil Rights (OCR) that students with attention deficit/hyperactivity disorder (ADHD) are entitled to equal educational...more

Increased Focus For School Website Accessibility

by Roetzel & Andress on

Recently, website accessibility has become a hot topic for schools across the country. Over the last year, the United States Department of Education, Office of Civil Rights (OCR), has escalated the legal expectation that...more

"Breaking Bad" News: Sharing PHI During Opioid Crisis

by Baker Ober Health Law on

In response to President Trump's declaration of the opioid crisis as a public health emergency, the Office for Civil Rights (OCR) released guidance intended to educate health care providers on how they can respond to requests...more

Healthcare Data Breaches Continue but Fell in October

The news about data breaches always seems to be dire lately. Some good news: data breaches in the healthcare industry were lower in October than in September, based upon reportable data breaches to the Office for Civil Rights...more

1,014 Results
|
View per page
Page: of 41
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.