News & Analysis as of

Office of Civil Rights

Your (Privacy) Fate Is Sealed…

by Husch Blackwell LLP on

For over twenty years, my father was a wholesale seafood supplier. One day over dinner (probably lobster, because that’s just how we rolled), my father tells us that he has hired an off-duty US Department of Agriculture...more

Compliance With HIPAA—Help For Small And Mid-Sized Providers

by Akerman LLP on

Based on the results of the Office for Civil Rights (OCR) Health Insurance Portability and Accountability Act of 1996 (HIPAA) Phase 2 desk audits for covered entities, small and mid-sized providers (Smaller Providers) are on...more

Changes to Office for Civil Rights' New Case Processing Manual: What You Need to Know

by Barley Snyder on

In March the U.S. Department of Education’s Office for Civil Rights (OCR) issued its updated case processing manual to clear a backlog of complaints filed under civil rights laws....more

Federal Enforcement Isn’t the Only HIPAA Concern—States Flex Their Muscles

by McGuireWoods LLP on

Despite the lack of significant settlements for HIPAA enforcement by the federal Office of Civil Rights (OCR) so far in 2018, states have not hesitated to patrol privacy and security breach activity and take action against...more

What HIPAA Policies are Required for a Health Care Provider?

by Ruder Ware on

We are often asked to advise clients regarding the scope and content of Health Insurance Portability and Accountability (HIPAA) policies and procedures that are required to be maintained. HIPAA clearly requires health care...more

Is OCR Moving the Goal Posts on Vendor Management?

Recent statements at the 27th National HIPAA Summit suggest that the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) may be changing its position and expecting a greater level of vendor due...more

New Developments Put the Spotlight on Federal Healthcare Provider Conscience Protections

In January 2018, HHS unexpectedly announced a newly proposed regulation entitled “Protecting Statutory Conscience Rights in Healthcare,” which proposes new prohibitions and notice requirements for institutional healthcare...more

When Does a HIPAA Breach Exist?

by Ruder Ware on

Conducting HIPAA Breach Risk Assessments - The HIPAA rules relating to assessment of potential patient confidentiality breaches were changed in 2013. Specifically, on January 17, 2013, the Office of Civil Rights released...more

Department of Health and Human Services Proposes New Rule For Healthcare Workers In The Name of Religious Freedom

by Akerman LLP - HR Defense on

Healthcare employers take note: the Department of Health and Human Services (“HHS”) has issued a proposed rule that, if passed, will allow healthcare workers who object to performing certain medical procedures like abortions...more

HIPAA in Due Diligence (Part I): Four Key Diligence Questions

by McGuireWoods LLP on

Health Information Highlight - Welcome to a three-part series that will examine several ways to efficiently identify, address, and mitigate gaps in HIPAA compliance in transaction diligence. A target’s value is often...more

Is HIPAA A Sleeping Giant?

by McGuireWoods LLP on

So far, 2018 has been a light year in terms of HIPAA enforcement. There have been only two publicly-disclosed settlements. But that doesn’t mean covered entities and business associates should let their guard down and...more

HIMSS18: What We Learned in Vegas Doesn’t Have to Stay in Vegas

Complex. Hard. Humbling. These are the descriptors former Google CEO Eric Schmidt used last week at the HIMSS 2018 Annual Conference in Las Vegas to describe the work to be done in health information technology (HIT). ...more

473,807 Patient Records Compromised in January, 2018—83 Percent Caused by Hacking Incidents

The recently released Protenus Healthcare Breach Barometer report notes that in January, 2018, at least 473,807 patient records were compromised in 37 breaches reported to the Office for Civil Rights. ...more

Cost-Benefit Analysis 101 For Healthcare Providers

by Jackson Lewis P.C. on

Nary a week goes by without news of a data breach by a healthcare provider…while there are certainly a good number of breaches resulting from a breach of cybersecurity defenses or from the wrongful exploitation of system...more

Health And Human Services’ OCR Chief: No Slowdown In HIPAA Enforcement

by Fox Rothschild LLP on

Roger Sevrino, director of the Department of Health and Human Services’ Office of Civil Rights, told HIMSS18 conference attendees this week that he plans no slowdown in HIPAA enforcement. “I come from the Department of...more

Involuntary Commitment Laws And Privacy Restrictions

by Fox Rothschild LLP on

In a recent New York Times op-ed piece entitled “How a Bad Law and a Big Mistake Drove My Mentally Ill Son Away,” the father of a young man involuntarily hospitalized under Florida’s Baker Act decries “privacy laws” for...more

Privacy Please: HIPAA and Artificial Intelligence – Part I

What if Artificial Intelligence (AI) is deployed within a health system to apply machine learning to patient information, in part, to allow patients to download information and wellness numbers (such as steps, blood pressure,...more

K&L Gates Triage: Opioid Epidemic: Recent HIPAA Guidance – What Does It Mean?

by K&L Gates LLP on

In the second episode of our series on the national opioid crisis, Gina Bertolini discusses the overlay of recent guidance concerning privacy laws such as the Health Insurance Portability and Accountability Act (HIPAA) and...more

K&L Gates Triage: Triage in 2018: Health Care Topics to Watch in the New Year

by K&L Gates LLP on

We expect 2018 to be another year of rapid change within the health care industry. In this episode, Mary Beth Johnston highlights some of the key topics that the health care practice group will monitor in the coming year,...more

HIPAA reports of 2017 small-scale breaches due March 1, 2018

by Thompson Coburn LLP on

Covered entities that discovered small-scale HIPAA breaches during calendar year 2017 must file notice of such breaches with the Office of Civil Rights (OCR) by March 1, 2018. Under HIPAA rules, covered entities do not...more

Liability for HIPAA Violations Continues after a Business Ceases Operations

by Arnall Golden Gregory LLP on

On February 13, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its settlement with Filefax, Inc. to resolve alleged violations of the HIPAA Privacy Rule. Filefax was a...more

Liquidator of a Shuttered Business Associate Agrees to $100k Payment for Alleged HIPAA Violations

On February 13, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that a receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $100,000 to settle...more

Data Privacy + Cybersecurity Insider - February 2018 #4

by Robinson & Cole LLP on

U.S. Estimates that Cyber Hacks Cost Up to $109 Billion in 20 - The Council for Economic Advisors (CEA) issued a report this month, entitled “The Cost of Malicious Cyber Activity to the U.S. Economy,” which concludes that...more

HIPAA Enforcement Survives Closure of Business

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced a $100,000 settlement with a company that is no longer in business. Filefax, Inc. (Filefax) was an Illinois company that...more

Dumpster Diving Leads to $100,000 Fine for Defunct Business Associate Due to Improper Disposal of Medical Records

On February 13, 2018, the HHS Office for Civil Rights (OCR) announced a $100,000 settlement with a court-appointed receiver representing Filefax, Inc. (Filefax) arising from the 2015 discovery of medical records that...more

1,054 Results
|
View per page
Page: of 43
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.