HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
Report on Medicare Compliance 29, no. 28 (August 3, 2020) - The 2017 theft of an unencrypted laptop is at the heart of a new HIPAA settlement with Lifespan Health System Affiliated Covered Entity (Lifespan ACE) in Rhode...more
Report on Research Compliance 17, no. 1 (January 2020) - Ah, those pesky residents. If you’re a teaching hospital, you can’t live without them, right? But sometimes living with them is mighty costly, as the University of...more
This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more
This article is part of a series of blog posts exploring the recommendations and guidance Health & Human Services (HHS) provides to healthcare organizations in its Cybersecurity Best Practices report. The report on...more
The American Institute of CPAs (AICPA), has released a risk management reporting framework intended to "establish a common, underlying language for Cybersecurity risk management reporting — almost akin to US GAAP or IFRS...more
In the first known case involving a wireless provider, a cardiology service provider agreed to pay a $2.5 million settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI)....more
A recent settlement of $2.5 million for alleged violations of the Health Insurance Portability and Accountability Act ("HIPAA") continues a trend of government enforcement targeting health care providers and vendors that fail...more
Federal regulators announced last week that Illinois’ largest hospital chain would pay $5.5 million, a record payment under the Health Insurance Portability and Accountability Act (HIPAA), in connection with three 2013 data...more
Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more
On March 16, 2016, the Office for Civil Rights (OCR) issued a press release announcing that it has settled its investigation of North Memorial Health Care System (NMHCS), located in Minnesota, for $1.55 million saying that...more
On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more
St. Elizabeth’s Medical Center (SEMC), a tertiary care hospital based in Brighton, Mass., agreed to pay $218,400 to address deficiencies in its HIPAA compliance activities. The SEMC settlement continues a pattern of...more