News & Analysis as of

Penalties Office of Civil Rights

2017 HIPAA Enforcement – Appears Not To Be Slowing Down

by Snell & Wilmer on

To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts. However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of...more

Lack of Timely Action and Knowledge of Risk Results in $3.2 Million Civil Monetary Penalty for HIPAA Violations

Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more

Health Law Insights Newsletter - Issue 13

by McCarter & English, LLP on

McCarter & English, LLP’s Health Care Group presents Issue 13 of the Health Law Insights, which discusses the latest legal issues in the health care industry. - Failure to Update Business Associate Agreement Results in...more

OCR Announces First HIPAA Enforcement Action against a Business Associate

by Ballard Spahr LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

Business Associate Settles HIPAA Investigation for $650,000

by Lathrop Gage on

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines

by Wilson Elser on

Long-awaited omnibus regulations (Omnibus Rule) adopted earlier this year by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) made significant modifications impacting “business associates” to...more

WellPoint agrees to pay $1.7M in HIPAA penalties: what this tells you

by DLA Piper on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced that WellPoint, Inc. agreed to pay $1.7 million to settle potential violations of the Health Insurance Portability and...more

Shasta Regional Medical Center Pays $275,000, Enters into Corrective Action Plan to Resolve Alleged HIPAA Privacy Rule Violations...

by King & Spalding on

Shasta Regional Medical Center (Shasta) has agreed to pay $275,000 and enter into a corrective action plan (CAP) with the U.S. Department of Health and Human Services Office for Civil Rights (OCR) to resolve allegations that...more

Is Your Firewall On? Are You Sure? Idaho State University Settles Privacy Rule Violations for $400,000

by Baker Donelson on

The HHS Office of Civil Rights (OCR) recently announced a $400,000 settlement with Idaho State University (ISU) following a lengthy investigation of the privacy and security practices at ISU outpatient clinics. In addition to...more

Large Educational/Health System Targeted For HIPAA Enforcement

by Pepper Hamilton LLP on

Idaho State University (ISU) was recently the target of an investigation and enforcement action for violations of the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA)....more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

by Womble Bond Dickinson on

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

HHS Publishes Long-Awaited Final Omnibus Rules for HIPAA

by Snell & Wilmer on

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more

HITECH Omnibus Rule Basics

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

The HIPAA/HITECH Final Rule Has Been Released

by BakerHostetler on

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

Boston-Area Hospital to Pay $1.5 Million to Settle HIPAA Violations Over Security Breach

by Thompson Coburn LLP on

On September 17, 2012, Massachusetts Eye and Ear Infirmary, a Boston area hospital, has agreed to pay $1.5 million to the U.S. Department of Health and Human Services to settle allegations of violations of the HIPAA Security...more

Health Law Alert: Medicaid Pays $1,700,000 to Settle HIPAA Security Violations

by Baker Donelson on

In its first enforcement action against a state agency, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled last month with Alaska’s Department of Health and Social Services (DHSS) for...more

17 Results
|
View per page
Page: of 1
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.