HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more
After months of uncertainty and multiple letters from industry associations advocating on behalf of the healthcare industry with the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR), covered...more
The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more
On February 16, 2024, the HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) published a final version of the cybersecurity resource guide (the “Guide”) with respect to the HIPAA...more
Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more
The proliferation of health apps and connected devices that allow individuals to track their health conditions, treatment, medications, fitness, fertility, sleep, mental health, diet and other vital areas has led to increased...more
Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), the agency enforcing the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach...more
Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more
In this edition of our Privacy & Cybersecurity Update, we discuss how the prospect of a new chair and three new commissioners at the FTC may impact the agency's approach to cybersecurity regulation, a new Massachusetts...more
On Jan. 9, 2017, the Department of Health and Human Services Office for Civil Rights (“OCR”) announced the first HIPAA enforcement action for failure to timely report a breach. Often investigating and making formal...more
On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more
There is no doubt that companies face unprecedented volume and variation in both disruptive and intrusive cyberattacks on their networks. Among the different attack methodologies today, ransomware is quickly becoming a major...more
Ransomware is the fastest growing malware threat in the United States, targeting simple home computers to elaborate corporate IT networks. The Federal Bureau of Investigation recently reported an increase in ransomware...more
On July 11, 2016, the U.S. Department of Health & Human Services (HHS) issued a Fact Sheet that provides guidance on (i) how HIPAA Security Rule compliance can assist health care organizations combat ransomware attacks, and...more
As you may have recently read (for example, “HHS/OCR Announces Launch of HIPAA Audit Program Phase 2”), the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has started “Phase 2” of its audit...more
On November 30, 2015, the United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced that Triple-S Management Corporation had agreed to pay $3.5 million to settle potential violations of...more