HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
On March 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil money penalty (“CMP”) of $200,000 against Oregon Health & Science University (“OHSU”) for failing to...more
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
Last week, HHS Office of Civil Rights (OCR) announced a settlement with a Pennsylvania provider (the Provider) concerning an alleged violation of the HIPAA Privacy Rule. Specifically, the Provider impermissibly disclosed a...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
The Association of American Universities (AAU) and the Council on Governmental Relations (COGR) are among a handful of groups “urging the Biden administration to rescind a policy proposal that would threaten the American...more
H. Lee Moffitt Cancer Center & Research Institute Hospital Inc. in Tampa, Florida, has agreed to pay $19.564 million to settle false claims allegations over claims submitted to federal health care programs for items and...more
The start of 2023 has brought with it significant changes to data privacy – new state laws concerning data privacy came into effect January 1 (the California Privacy Rights Act and the Virginia Consumer Data Protection Act),...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) continues its enforcement activities to emphasize compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s...more
The Office of Civil Rights of the Department of Health and Human Services (“OCR”) announced the resolution of three more right of access cases, bringing the total to a whopping 41 since the start of its drive to increase...more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
Health care technology has seen an incredible amount of change over the past twelve months. As health care providers and entities continue to provide patient care in unprecedented times, it is becoming increasingly important...more
Report on Medicare Compliance 30, no. 2 (January 18, 2021) - Recovery audit contractors (RACs) may soon be auditing positron emission tomography (PET) for initial treatment strategy in oncologic conditions for compliance...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
In a flurry of recent activity, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced eight resolution agreements since September 15, 2020. These resolution agreements settle...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more
Compliance Today (February 2020) - On December 19, the U.S. Department of Education and the Office for Civil Rights at the U.S. Department of Health and Human Services announced the release of the “updated joint guidance...more
This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more
Report on Patient Privacy 19, no. 12 (December 2019) - Sentara Hospitals, a nonprofit group of 12 medical centers in Virginia and North Carolina, will implement a fairly minimal two-year corrective action plan (CAP) and...more
Compliance Today (November 2019) - On September 9, 2019, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services announced its first enforcement action and settlement in its Right of Access...more
Enforcement activity by the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) showed no signs of slowing throughout 2018 and has already picked up speed in 2019. More recent and significant actions...more
The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more
The injuries suffered by a professional football player brought the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA") onto center stage of the media during the days...more
A tip from a local Denver news outlet lead to a compliance review, investigation and ultimately a resolution agreement between the Department of Health and Human Services’ Office for Civil Rights (“OCR”) and Denver-based...more