News & Analysis as of

Protected Health Information

ONC’s Draft Trusted Exchange Framework: Seeking Nationwide Interoperability for Health Information Networks

by Ropes & Gray LLP on

On January 5, 2018, the Office of the National Coordinator for Health Information Technology (“ONC”), an office within the U.S. Department of Health and Human Services, released its Draft Trusted Exchange Framework (the...more

Partner Colin Zick Speaks to Bloomberg BNA about Cyberthreats and Healthcare Data

The federal government has identified two new cyberthreats that put patients’ personal data at risk for exposure. The threats, known as Spectre and Meltdown, exploit a vulnerability in many commercial computer chips...more

Hancock Health Hit with Ransomware That Shuts Down Network

It has been predicted that the healthcare industry will continue to be lambasted with ransomware in 2018. It has also been predicted that attackers will move from taking sensitive information hostage to sabotage, service...more

A Teachable Moment: Hospital Goes Public after Making Ransom Payment

It’s unusual for victims of ransomware to publicly acknowledge that they have paid hackers to go away. But a regional hospital in Indiana has made public its experience last week with a “sophisticated criminal group” as a...more

HIPAA Breach Reporting: 2017 Trends and Mends

by McGuireWoods LLP on

With 2017 having drawn to a close, it is once again time for HIPAA covered entities to complete their annual breach reporting obligations to the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”)....more

Connecticut Recognizes New Cause of Action for Breach of Patient/Physician Confidentiality

by Murtha Cullina on

Based on the decision in a recent Connecticut Supreme Court case, patients may now sue physicians for breaching confidentiality. Previously, Connecticut did not recognize breach of confidentiality as a cause of action. ...more

Connecticut Supreme Court Recognizes New Cause of Action for Patient Privacy Breach

by Shipman & Goodwin LLP on

On January 16, 2018, the Connecticut Supreme Court issued a decision recognizing a common law duty of confidentiality arising from the physician-patient relationship, and the corresponding right of a patient to sue his or her...more

Causes of Healthcare Data Breaches

by Bryan Cave on

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches...more

Connecticut Supreme Court: Health Care Providers Can Be Sued For Unauthorized Disclosures Of Confidential Information

by Jackson Lewis P.C. on

Physician practices and other health care providers respond to numerous requests for confidential patient information from patients and others. Mistakes made by employees fulfilling such requests for medical records or making...more

Post-market medical devices, cybersecurity, and the U.S. FDA’s growing concerns

by Hogan Lovells on

From insulin pumps and pacemakers to defibrillators, medical devices increasingly rely on wireless and internet connectivity for efficient operations. Unfortunately, these interconnections also leave devices vulnerable to an...more

2017 Edition of HIPAA Regulations Released

by Davis Wright Tremaine LLP on

The Code of Federal Regulations has recently published the 2017 version of the HIPAA regulations. This is the most up-to-date “official” version of the HIPAA regulations. We have created a version that includes PDF bookmarks...more

Security Alert: New Meltdown and Spectre Vulnerabilities Impact Computer Processors to Expose Sensitive Information

Last spring the WannaCry ransomware cyber-attack crippled the global economy, impacting over 100,000 organizations throughout 150 countries and generating an estimated $4 billion in losses. The National Health Information...more

Massachusetts Division of Unemployment Assistance Issues Final Regulations Implementing the EMAC Supplemental

As we reported in a previous post, Massachusetts Governor Charlie Baker in August 2017 signed into law H. 3822, “An Act Further Regulating Employer Contributions to Health Care” (the “Act”). Among other things, the law...more

Lessons Learned from Recent OCR HIPAA Audits

Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more

CMS Issues Guidance on Texting Patient Information

On December 28, 2017, the Centers for Medicare and Medicaid Services (CMS) published a memo to state survey agency directors clarifying its position on the use of text messaging among health care providers. ...more

HIPAA access versus authorization

by Bricker & Eckler LLP on

The nuances of the HIPAA right of access rule continue to pose challenges for health systems. Guidance previously released by The U.S. Department of Health and Human Services (HHS) included extensive information on all...more

New CMS Guidance Regarding Health Care Texting and Involuntary Discharges

by Benesch on

The Centers for Medicare and Medicaid Services (CMS) periodically provides guidance to the State Survey Agency Directors which outlines areas of emphasis or important concerns for the health care industry. Two (2) recent...more

Sign On The Dotted Line: New Cook County HIPAA Order Requires Patient Signature

by SmithAmundsen LLC on

A recent decision by the Circuit Court of Cook County -- Marc Shull v. Eric Ellis -- has terminated the entry of “routine” HIPAA protective orders for purposes of litigation and the release of medical records. Prior to this...more

HHS Office for Civil Rights Releases Research-Related HIPAA Guidance Required by 21st Century Cures Act

by Ropes & Gray LLP on

In December 2017, the U.S. Department of Health and Human Services Office for Civil Rights (“HHS OCR”) released two sets of guidance mandated by the 21st Century Cures Act, which was enacted in 2016 (the “Act”). The guidance...more

New cybersecurity threats with potential to impact health care industry identified

by Bricker & Eckler LLP on

On January 4, 2018, the National Health Information Sharing and Analysis Center (NH-ISAC) posted an announcement regarding the cybersecurity threats Meltdown and Spectre that were recently identified....more

CMS Clarifies that Texting of Orders is Not Permitted

by Murtha Cullina on

On December 28, 2017, the Centers for Medicare and Medicaid Services (CMS) issued a Survey and Certification Memorandum (S&C Memo) to clarify CMS’ position that it prohibits physicians and health care providers from texting...more

2017 Closes with $2 Million HIPAA Settlement

On December 28, 2017, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that 21st Century Oncology, Inc. (21CO) agreed to pay $2.3 Million in lieu of potential civil money...more

New HIPAA Guidance On Disclosure Of PHI Related To Opioid Abuse And Mental Health

by Fox Rothschild LLP on

In our most recent post, the Top 5 Common HIPAA Mistakes to Avoid in 2018, we noted that the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) has recently published guidance on disclosing protected...more

Top 5 Common HIPAA Mistakes To Avoid In 2018

by Fox Rothschild LLP on

Heading into its 22nd year, HIPAA continues to be misunderstood and misapplied by many, including health care industry professionals who strive for (or at least claim the mantle of) HIPAA compliance. Here is my “top 5” list...more

HIPAA Enforcement Update

by Locke Lord LLP on

With respect to enforcement, the Department of Health and Human Services, Office for Civil Rights (OCR) announced two Settlement Agreements to resolve allegations of HIPAA violations between May and October of 2017. Neither...more

1,176 Results
|
View per page
Page: of 48
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.