HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
We just want to provide a friendly reminder that, before key staff depart for the holidays, HIPAA covered entities and business associates should finalize their compliance with the 2024 HIPAA amendments related to...more
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
Effective June 25, 2024, the U.S. Department of Health & Human Services’ Office for Civil Rights (HHS) issued a Final Rule modifying the HIPAA Privacy Rule to enhance reproductive health care privacy. This change follows the...more
In the wake of the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization and subsequent state abortion bans, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services issued a...more
The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more
On April 26, the US Department of Health and Human Services Office for Civil Rights (OCR) published a Final Rule that adds protections under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule...more
On March 18, 2024, the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services ("HHS") published updated guidance on the use of online tracking technologies by HIPAA covered entities and business...more
On March 18, 2024, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued revised guidance on the use of tracking technologies by HIPAA-covered entities and business associates....more
On March 18, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released updated guidance to “increase clarity” for entities regulated by the Health Insurance Portability and Accountability...more
The long-anticipated final rule addressing substance use disorder (SUD) records at 42 C.F.R. Part 2, commonly referred to as Part 2, is here. The final rule is a joint undertaking by the U.S. Department of Health and Human...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
On November 20, 2023, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Saint Joseph’s Medical Center for potential violations of the Health Insurance...more
The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more
On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
Data governance is a mission-critical issue for every company and institution in the United States. GCs face a host of pressing cybersecurity concerns. Triaging them requires time, attention, and a well-rounded strategy...more
Washington greatly expanded the protection for consumers’ identifiable health information by enacting the “My Health My Data Act” (MHMDA), in an effort to close the gap between HIPAA protections and the laws protecting the...more
Regulatory enforcement and large litigation relating to the use of third party trackers on companies’ websites and applications have been on the rise. Tracking often occurs without the companies’ knowledge or consent. Third...more
On December 1, 2022, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a Bulletin to highlight the obligations of HIPAA-covered entities and business associates when using...more
In the wake of the Supreme Court’s decision to overturn Roe v. Wade, which interpreted a right to abortion in the Constitution through the 14th Amendment, the Department of Health and Human Services (HHS) Office of Civil...more
On June 29, in response to the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, the U.S. Department of Health & Human Services Office for Civil Rights (HHS OCR) issued guidance on when entities...more
Does HIPAA prevent businesses from asking whether customers or clients are vaccinated? (No). Does HIPAA prevent an employer from requiring an employee to disclose vaccination status? (No). Does HIPAA prohibit doctors from...more
Given the COVID-19 vaccine mandates, employers—including healthcare entities—will need to confirm their employees’ vaccination status. Employers and healthcare providers must ensure they comply with privacy rules relating to...more
On December 10, 2020, the Department of Health and Human Services, Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) to revise the HIPAA Privacy Rule. The proposed revisions to the Privacy Rule seek...more
On June 12, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued timely HIPAA guidance (Guidance) regarding solicitations of blood and plasma donations from recovered COVID-19 patients....more