Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
Podcast: Are Vaccine Passports the Key to Reopening? - Diagnosing Health Care
HIPPA: Privacy & Security and Potential Rule Changes
Compliance Perspectives: Privacy Investigations in a Virtual World
Sending a shot across the bow of the gig economy, New Jersey is seeking nearly $650 million from Uber for “years of unpaid employment taxes for its drivers, arguing that the ride-hailing company has misclassified the workers...more
A recent issue of MIT’s Technology Review magazine is titled, “Look how far precision medicine has come.“ At least part of the premise is that personalized medicine or precision medicine is not perceived as having made the...more
Based on the results of the Office for Civil Rights (OCR) Health Insurance Portability and Accountability Act of 1996 (HIPAA) Phase 2 desk audits for covered entities, small and mid-sized providers (Smaller Providers) are on...more
Welcome back to our three-part series examining ways to efficiently identify, address and mitigate gaps in HIPAA compliance in transaction diligence. In Part I of this series, we discussed four key diligence questions upon...more
I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more
The use of cloud service providers has exploded in the past several years. According to estimates from Gartner, the market for cloud services is expected to reach $204 billion in 2016. But the use of cloud service providers...more
Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more
The message from patients to healthcare providers is clear: increase the quality of health services while decreasing cost. The message from the federal government to healthcare providers and their business associates is even...more
Recently, regulators issued new guidance related to the Health Insurance Portability and Accountability Act (“HIPAA”), Pub.L. 104–191, 110 Stat. 1936, enacted August 21, 1996. Specifically, on October 6, 2016, the Department...more
The Department of Health and Human Services’ Office of Civil Rights (OCR) has issued guidelines for HIPAA-covered entities that utilize cloud computing in processing electronic protected health information (ePHI). The...more
HHS recently posted guidance on its website addressing HIPAA’s approach to cloud computing. Basically, any time a cloud service provider has electronic protected health information (ePHI), it’s a business associate. This is...more
On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance on complying with HIPAA privacy, security, and breach notification rules when using cloud computing technology...more
On October 7, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance. As discussed below,...more
On October 7, 2016, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), released a guidance document (the “Guidance”) on the HIPAA-compliant use of cloud computing technologies. The...more
The Department of Health and Human Services Office for Civil Rights (OCR) issued long-anticipated guidance to help covered entities and their business associates — including cloud service providers (CSPs) — comply with the...more
On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (OCR) released HIPAA guidance on cloud computing (Guidance). The Guidance is intended to help covered entities and business associates...more
Last week, the Department of Health and Human Services’ Office for Civil Rights (OCR) provided guidance for HIPAA covered entities and business associates that use or want to use cloud computing services involving protected...more
Cloud-based electronic medical record (EMR) company Practice Fusion has agreed to settle an enforcement action with the FTC that alleges that it misled consumers when it solicited reviews of their doctors. The FTC alleges...more
More and more organizations are turning to the cloud because of how flexible and low-cost it is. As a result, many health care organizations are now using cloud-based servers to store patient information and are discovering...more
Both telemedicine providers and technology companies that serve the telehealth industry face some unique and sometimes complicated challenges dealing with HIPAA, especially as it relates to the storage, transmission, and use...more
A lot has changed since the HIPAA Privacy Rule was finalized in 2002 and the HIPAA Security Rule was finalized a year later in 2003. The iPhone had not been released (that happened in 2007), Apple had just released the...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
Alleged HIPAA Violations Resulted from Medical Center’s Failure to Risk Assess Internet-Based Document Sharing Application and Inadequate Breach Response. The US Department of Health and Human Services (HHS) Office for...more
For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more
This week, the HIPAA FAQ series continues with another topic about business associate agreements (BAAs). As most Covered Entities and Business Associates know, in the event that a Covered Entity utilizes a service provider...more