News & Analysis as of

Office of Civil Rights Personally Identifiable Information

ArentFox Schiff

Federal Court Scales Back HIPAA Online Tracking Technology Guidance

ArentFox Schiff on

On June 20, a federal district court in Texas ruled that the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) exceeded its authority under the Health Insurance Portability and Accountability Act...more

Ballard Spahr LLP

2024 HIPAA Developments

Ballard Spahr LLP on

Over the course of the past few months, the Office of Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC), both of which are divisions of the U.S. Department of Health and...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Troutman Pepper

Your Organization Has Suffered a Data Incident: Now Here Are the Regulators It Will Likely Encounter

Troutman Pepper on

Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it...more

Proskauer on Privacy

FTC and OCR Unite to Safeguard Hospital and Telehealth Data from Online Tracking Threats

Proskauer on Privacy on

On July 20, 2023, the Federal Trade Commission (“FTC”) and the Office for Civil Rights of the United States Department of Health and Human Services (“OCR”) announced that they had sent a warning letter to about 130 hospital...more

Console and Associates, P.C.

Mount Desert Island Hospital Notifies 24,180 of Data Breach Involving Leaked Social Security Numbers

On June 30, 2023, Mount Desert Island Hospital (“MDIH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had gained...more

McDermott Will & Emery

HHS Issues Guidance on Requirements Under HIPAA for Online Tracking Technologies, Addressing Privacy and Security Concerns Related...

McDermott Will & Emery on

On December 1, 2022, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) issued a Bulletin on the obligations of covered entities and business associates (regulated entities) under the...more

Sheppard Mullin Richter & Hampton LLP

OCR Releases Guidance on Use of Tracking Technologies

Most companies operating websites and mobile apps use some form of tracking technologies on these digital properties. While these types of technologies have been used for some time and serve a variety of purposes, the use of...more

Holland & Knight LLP

HHS Offers HIPAA Guidance on Online Tracking Technologies

Holland & Knight LLP on

For years, patients and healthcare companies have been wrestling with privacy issues relating to cookies, pixels and other tracking technologies. The U.S. Department of Health and Human Services' (HHS) Office of Civil Rights...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 22, Number 6. Privacy Briefs: June 2022

Report on Patient Privacy 22, no. 6 (June, 2022) - A report from the HHS Health Sector Cybersecurity Coordination Center (HC3) found that in early 2022, ransomware groups increasingly turned to legitimate software during...more

Robinson+Cole Data Privacy + Security Insider

Reporting of Breaches Under 500 Due by March 1

HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals no later than...more

Sheppard Mullin Richter & Hampton LLP

HIPAA Privacy Rule Modification – Removing Barriers and Promoting Coordinated Care at What Cost?

On May 6, 2021, the comment period for the proposed modification to regulations implementing the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and Health Information Technology for...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - April 2021

Robinson & Cole LLP on

CYBERSECURITY - GAO Report Identifies Need for DOE to Address Risks to Electrical Distribution System - The United States Government Accountability Office (GAO) recently completed and published a study on electricity...more

Robinson+Cole Health Law Diagnosis

OCR Announces it Will Not Impose HIPAA Penalties for Use of COVID-19 Vaccine Scheduling Apps

The Office of Civil Rights (OCR) issued a notice this week stating that it will not impose penalties for HIPAA non-compliance in connection with a covered entity health care provider’s or business associate’s good faith use...more

Robinson+Cole Data Privacy + Security Insider

Excellus Health Plan Pays $5.1M to OCR in Settlement Following Data Breach

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that it had entered into a Resolution Agreement, Corrective Action Plan, and settlement with Lifetime Healthcare, Inc., the...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 21, Number 1. Privacy Briefs: January 2021

Report on Patient Privacy 18, no. 1 (January 2021) - The HHS Office for Civil Rights (OCR) settled its 13th enforcement action in its Right of Access Initiative, first announced in 2019 to support individuals’ rights to...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - November 2020 #3

Robinson & Cole LLP on

CYBERSECURITY - HHS Issues Update to Ransomware Threat Alert to Health Care Sector - The Department of Health and Human Services’ (HHS) Division of Critical Infrastructure Protection (CIP) issued a health care and public...more

Health Care Compliance Association (HCCA)

From Her Words to OCR's Ears: 'Dissent' Seeks to Hold Hackers, Leakers Accountable

Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more

Arnall Golden Gregory LLP

Two New HIPAA Settlements Announced as OCR Enforcement Streak Continues

In a continuation of its recent enforcement streak, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced two new HIPAA settlements last week. The first settlement is with Aetna Life...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - October 2020 #3

Robinson & Cole LLP on

CYBERSECURITY - Patching Gets More and More Complicated but Is Critical for Managing Risk - Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as...more

Robinson+Cole Data Privacy + Security Insider

Community Health Systems, Inc. Settles for $5 M in Multi-State Settlement

On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a...more

Rivkin Radler LLP

Anthem Agrees to $48 Million Multi-State Settlements Over 2014 Data Breach

Rivkin Radler LLP on

Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more

Robinson+Cole Data Privacy + Security Insider

Premera Blue Cross Settles with OCR for $6.85 Million for Breach of 10.4 Million Records

Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more

Robinson+Cole Data Privacy + Security Insider

Athens Orthopedic Settles with OCR for $1.5M for Data Breach

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more

Robinson+Cole Data Privacy + Security Insider

HIPAA Business Associate Pays $2.3 Million Settlement After Hackers Target PHI of Over 6 Million Individuals

Health care providers and contractors continue to be a popular target for hackers. Recently, CHSPSC LLC (CHSPSC), which provides various services to hospitals and clinics indirectly owned by Community Health Systems, Inc. of...more

164 Results
 / 
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide