News & Analysis as of

Office of Civil Rights Dept. of Health and Human Services

Lessons To Be Learned From The Breach Of Nearly 500,000 Individual Health Records Reported In September 2017

by Jackson Lewis P.C. on

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the...more

Latest OCR Cybersecurity Newsletter Tackles Mobile Devices

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) released its October Cybersecurity Newsletter last week with a focus on mobile devices. Given the amount of work conducted on mobile devices...more

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

by Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

Balancing Convenience and Risk: OCR Issues Statement on Use of Mobile Devices

by McGuireWoods LLP on

The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) recently issued guidance emphasizing the increased risks of using mobile devices in the workplace when the mobile devices contain or have...more

HHS Office for Civil Rights Issues Guidance on How HIPAA Allows Information Sharing to Address the Opioid Crisis

Following President Trump’s declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights has released new guidance on when and how health care providers can share a...more

Health Care E-Note - October 2017

by Burr & Forman on

Health care providers are constantly receiving requests for copies of patient medical records. Some requests come by way of the patient exercising his/her right to access his/her medical records, some come by way of patient...more

ACA’s Nondiscrimination Taglines and Notices Require Updating Your Notice of Privacy Practices

by Davis Wright Tremaine LLP on

There has been confusion as to whether the Affordable Care Act’s nondiscrimination provision (“ACA”) affects a covered entity’s notice of privacy practices (“NPP”) or data breach notifications. OCR has issued guidance...more

In the Wake of Harvey and Irma, OCR Reminds Providers of HIPAA Rules

As Texas, Florida, and the Caribbean rebuild after the latest string of deadly hurricanes and prepare for the possibility of future storms, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR)...more

NY AG Fines Healthcare Firm $130,000 for Improperly Delaying Breach Notices to Consumers Due to an FBI Investigation

by Arnall Golden Gregory LLP on

On June 15th, New York Attorney General Eric Schneiderman announced a settlement with CoPilot Provider Support Services Inc. to resolve allegations that the company improperly delayed notice to more than 220,000 consumers of...more

How Can Healthcare Organizations Prepare for the Next Cyberattack?

by Latham & Watkins LLP on

HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more

Tick Tock Tick Tock, When a Breach Occurs, You’re on the Clock!

As a reminder that state attorneys general have enforcement authority over breach notifications, the New York Attorney General recently announced a $130,000 settlement for a failing to provide breach notification in a...more

Public-Private Partnerships Could Bolster Healthcare Cybersecurity Efforts

by Jackson Lewis P.C. on

Protecting data in the healthcare industry continues to be an area of focus for regulators and lawmakers. HIPAA Journal noted that in 2016 more HIPAA covered entities reported breaches than in any other year since the U.S....more

Increased Focus on Health Care Cybersecurity: HHS Releases Long-Awaited Report and Cyber Attack Quick-Response Checklist

by McGuireWoods LLP on

The U.S. Department of Health & Human Services (HHS) issued a recent report noting that cybersecurity is a key public health concern that needs “immediate and aggressive attention.” Shortly thereafter, HHS’ Office for Civil...more

Healthcare Data Breach Enforcements and Fines

by Bryan Cave on

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

AGG Food and Drug Newsletter - June 2017

by Arnall Golden Gregory LLP on

Arnall Golden Gregory LLP's Food and Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community, including regular updates on legislative initiatives from AGG’s Washington, DC...more

My Entity Just Experienced a Cyber-Attack! What Do We Do Now?

by Balch & Bingham LLP on

On June 9, 2017, the U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) released a cyber-attack “Quick Response” checklist (the Checklist) for the benefit of HIPAA covered entities and business...more

New HHS Cybersecurity Preparedness Checklist

by Carlton Fields on

The Department of Health and Human Services’ Office of Civil Rights (OCR) recently published a checklist to guide HIPAA-covered entities and business associates through an appropriate response to a ransomware or cybersecurity...more

$387,200 Fine from HHS OCR for the Improper Disclosure of PHI to an Employer and a Volunteer Organization

by Arnall Golden Gregory LLP on

On May 23, 2017, the Department of Health and Human Services Office of Civil Rights (HHS OCR) announced a settlement with St. Luke’s-Roosevelt Hospital Center, part of the Mount Sinai Health System, to resolve allegations...more

OCR Publishes Checklist and Infographic for Cyber Attack Response

OCR released a simple checklist and infographic last week to assist Covered Entities and Business Associates with responding to potential cyber attacks. As cybersecurity remains a pressing concern for health care entities,...more

ALERT – OCR Issues Quick Response Cyber Attack Checklist and Graphic

by Sedgwick LLP on

In the aftermath of the recent WannaCry ransomware attack and the May 12, 2017 notification from Laura Wolf, Critical Infrastructure Protection Lead of Health and Human Services (HHS) discussed in Cinthia Motley’s May 13,...more

Healthcare Law Update: June 2017

by Holland & Knight LLP on

Medicaid - Florida's Medicaid Third-Party Liability Act Pre-empted by Federal Law - By Eddie Williams - In Gallardo v. Dudek, Sec. of Florida Agency for Health Care Administration, No. 4:16cv116-MW/CAS, 2017 WL...more

Impermissible Disclosure of HIV Information Results in $387,000 HIPAA Settlement

St. Luke’s-Roosevelt Hospital Center, Inc. (SLRHC), a member of the New York-based Mount Sinai Health System, paid $387,000 to the U.S. Department of Health and Human Services (HHS) and entered into a corrective action plan...more

The Future Of The Patient Protection And Affordable Care Act May Be Uncertain… But HIPAA Is Here To Stay

by Fraser Trebilcock on

While the future of the Patient Protection and Affordable Care Act and any potential replacement legislation is still in question, the Office for Civil Rights (“OCR”) within the U.S. Department of Health and Human Services...more

HIPAA Settlement With Wireless Health Services Provider Is Less Than Meets The Eye

by King & Spalding on

On April 24, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) announced a $2.5 million HIPAA settlement with CardioNet, a wireless health services provider. CardioNet provides remote mobile...more

Memorial Hermann’s Use of Patient Name in Press Release Leads to $2.4 Million HIPAA Settlement

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced another large HIPAA-related settlement last week with Memorial Hermann Health System (Memorial Hermann), the largest not-for-profit...more

406 Results
|
View per page
Page: of 17
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.