News & Analysis as of

Protected Health Information

What Is Compliance?

by Zapproved LLC on

A quick guide to understanding ediscovery rules and regulations In ediscovery, compliance means adhering to the laws and regulations for every jurisdiction where an organization does business. Generally speaking, those...more

Compliance With HIPAA—Help For Small And Mid-Sized Providers

by Akerman LLP on

Based on the results of the Office for Civil Rights (OCR) Health Insurance Portability and Accountability Act of 1996 (HIPAA) Phase 2 desk audits for covered entities, small and mid-sized providers (Smaller Providers) are on...more

Massachusetts Enacts Law Providing Greater Privacy Of Health Insurance Information

by Jackson Lewis P.C. on

Health insurance carriers often provide explanation of benefits (EOB) summaries to the policyholder specifying the type and cost of health care services received by dependents covered by the policy. EOBs often disclose...more

New Jersey AG Fines Virtua Medical Group $418,000 for Data Breach Caused by Vendor

The New Jersey Attorney General announced this week that it has fined Virtua Medical Group, which is comprised of more than 50 medical practices in New Jersey for failing to protect the privacy of 1,650 patients when their...more

New York State Attorney General Settles Data Breach With Health Plan In An Unprecedented Settlement With HIPAA Compliance...

by Akerman LLP on

New York Attorney General Eric Schneiderman has been in hot pursuit of organizations in his state that fail to maintain the security and privacy of personal information. On March 6, 2018, the Attorney General’s office...more

Federal Enforcement Isn’t the Only HIPAA Concern—States Flex Their Muscles

by McGuireWoods LLP on

Despite the lack of significant settlements for HIPAA enforcement by the federal Office of Civil Rights (OCR) so far in 2018, states have not hesitated to patrol privacy and security breach activity and take action against...more

“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 For Data Breach Caused By Vendor

by Jackson Lewis P.C. on

Last week, New Jersey Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices...more

When Data Is Like Toothpaste

by Fox Rothschild LLP on

In 1973, President Richard Nixon’s Chief of Staff H.R. Haldeman warned White House Counsel John Dean against talking to prosecutors investigating the growing Watergate scandal, telling him “Once the toothpaste is out of the...more

What HIPAA Policies are Required for a Health Care Provider?

by Ruder Ware on

We are often asked to advise clients regarding the scope and content of Health Insurance Portability and Accountability (HIPAA) policies and procedures that are required to be maintained. HIPAA clearly requires health care...more

Springtime for HIPAA

by Ballard Spahr LLP on

The virtual world offers opportunities and obligations not found in nature. For a couple of years, my wife has followed the adventures of a bonded eagle couple, Liberty and Freedom, residing in the hills near Hanover,...more

Is OCR Moving the Goal Posts on Vendor Management?

Recent statements at the 27th National HIPAA Summit suggest that the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) may be changing its position and expecting a greater level of vendor due...more

When Does a HIPAA Breach Exist?

by Ruder Ware on

Conducting HIPAA Breach Risk Assessments - The HIPAA rules relating to assessment of potential patient confidentiality breaches were changed in 2013. Specifically, on January 17, 2013, the Office of Civil Rights released...more

Grindr Grinds Users' Gears by Reportedly Sharing Users’ HIV Status

by Murtha Cullina on

In the wake of the Facebook and Cambridge Analytica scandal, another social media company, Grindr, a gay dating app, has come under scrutiny for its sharing of sensitive personal information with third parties. In particular,...more

HIPAA in Due Diligence (Part II): Cloud Server Data and HIPAA Compliance

by McGuireWoods LLP on

Welcome back to our three-part series examining ways to efficiently identify, address and mitigate gaps in HIPAA compliance in transaction diligence. In Part I of this series, we discussed four key diligence questions upon...more

DC Circuit shuts down effort to limit TCPA liability for communicating health information

by Dechert LLP on

The U.S. Court of Appeals for the D.C. Circuit, on March 16, 2018, struck a blow to healthcare industry efforts to exclude certain communications subject to the Health Insurance Portability and Accountability Act (HIPAA) from...more

Cyber Breach-Related Shareholder Suit Against Yahoo Settles for $80 Million. Is this the Start of a Trend?

It was inevitable. Heretofore, a majority of public companies that experienced a cyber breach, followed by a shareholder suit alleging either a violation of Section 10(b) of the Securities Exchange Act of 1934 or a breach of...more

Is HIPAA A Sleeping Giant?

by McGuireWoods LLP on

So far, 2018 has been a light year in terms of HIPAA enforcement. There have been only two publicly-disclosed settlements. But that doesn’t mean covered entities and business associates should let their guard down and...more

Union Requests for Medical Information: Do You Have to Provide It?

Employers often receive requests for medical information from the unions representing their employees. These requests come up in a variety of contexts and include...more

What All Employers Need to Know About Protecting Employee Health Information

Employers obtain employee health information in a number of ways—most commonly, in relation to a work-related injury or when an employee requests medical leave or a disability accommodation. Most employers understand that...more

Not So Fast! HIPAA (Surprisingly) Doesn’t Apply To THAT!

by Fox Rothschild LLP on

Many employers who have had it drilled into them that HIPAA applies to protected health information (PHI) of employees are often surprised to learn that the applicability of HIPAA to employee health information (EHI) is...more

473,807 Patient Records Compromised in January, 2018—83 Percent Caused by Hacking Incidents

The recently released Protenus Healthcare Breach Barometer report notes that in January, 2018, at least 473,807 patient records were compromised in 37 breaches reported to the Office for Civil Rights. ...more

Verizon Protected Health Information Data Breach Report Concludes that Insiders Are Greatest Threat to Health Care Entities

Verizon recently issued its Protected Health Information (PHI) Data Breach Report, which is always an interesting read. Not surprisingly, Verizon’s report concludes that based upon analysis of 1,360 security incidents...more

Data Privacy + Cybersecurity Insider - March 2018 #3

by Robinson & Cole LLP on

Verizon's Protected Health Information Data Breach Report Concludes that Insiders Are Greatest Threat to Health Care Entities - Verizon recently issued its Protected Health Information Data Breach Report, which is always...more

Cost-Benefit Analysis 101 For Healthcare Providers

by Jackson Lewis P.C. on

Nary a week goes by without news of a data breach by a healthcare provider…while there are certainly a good number of breaches resulting from a breach of cybersecurity defenses or from the wrongful exploitation of system...more

Healthcare Business Owners—HIPAA Still Applies After Closing Down Your Business

by Farrell Fritz, P.C. on

Filefax, Inc. (“Filefax”), an Illinois company that intimately handled sensitive Personal Health Information (“PHI”), paid $100,000 to the Department of Health and Human Services (“HHS”) to settle potential violations of the...more

1,234 Results
|
View per page
Page: of 50
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.