HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
Following the Office for Civil Rights (OCR) recent publication of four settlements as part of a new Risk Analysis Audit Initiative. We explore the current regulatory language for Risk Analysis, the proposed language for Risk...more
Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more
The long-rumored plan to dismantle the U.S. Department of Education (DOE) took a formal step forward on March 20, 2025, when President Trump signed an Executive Order calling for the agency’s closure. While headlines suggest...more
On March 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil money penalty (“CMP”) of $200,000 against Oregon Health & Science University (“OHSU”) for failing to...more
On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more
On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more
Earlier this year, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) adopted a new proposal to strengthen the Health Insurance Portability and Accountability Act (HIPAA) security standards...more
Explore the comprehensive Title VI resources exclusively available to ATIXA members, designed to support your compliance efforts and keep you ahead of the curve. This webinar showcases curated materials, templates, evolving...more
Join the first in ATIXA’s Guide to Title VI Compliance & Best Practice webinar series to explore our training and certification pathways for Title VI compliance. A strong internal training plan is essential for higher...more
As California private employers of 100 or more employees and/or 100 or more workers hired through labor contractors may know, it is time to annually report pay, demographic, and other workforce data to the Civil Rights...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
Eyeglass manufacturer and retailer Warby Parker recently settled a 2018 data breach investigation by the Office for Civil Rights (OCR) for $1.5 million. According to OCR’s press release, Warby Parker self-reported that...more
The U.S. Department of Education’s Office for Civil Rights (OCR) issued a Dear Colleague Letter (DCL) directing educational institutions that they are prohibited from using race in decisions pertaining to admissions, hiring,...more
On February 14, 2025, the United States Department of Education, Office for Civil Rights (OCR) issued guidance clarifying how the Department will interpret federal laws that prohibit schools and other entities receiving...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more
In the final days of the Biden Administration, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Security Rule under the Health...more
The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more
Confirming an anticipated policy shift, the U.S. Department of Education’s Office for Civil Rights (OCR) announced on Jan. 31, 2025 that it will enforce Title IX under the 2020 Title IX Rule. The announcement came after a...more
How to engage in name, image, and likeness activities (NIL) without running afoul of Title IX of the Education Amendments of 1972 is a question colleges and universities have wrestled with since the NCAA first permitted the...more
On April 22, 2024, the Health and Human Services’ Office for Civil Rights (OCR) issued the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule. The final rule limits the sharing of protected health...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more
Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more
As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more
Bradley is launching a multipart blog series on the U.S. Department of Health and Human Services’ (HHS) proposed changes to strengthen cybersecurity protections for electronic protected health information (ePHI) regulated...more