News & Analysis as of

Protected Health Information Data Breach Department of Health and Human Services (HHS)

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Health Care Compliance Association (HCCA)

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

McCarter & English, LLP

Season of Enforcement: OCR Announces Its Sixth Enforcement Action of 2025

With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more

Quarles & Brady LLP

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Ropes & Gray LLP

A Flurry of Healthcare Sector Cybersecurity Regulatory Developments in 2024

Ropes & Gray LLP on

2024 was a record year for cyberattacks in the healthcare sector. According to the Breach Portal maintained by the U.S. Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”), to date this year, there...more

Quarles & Brady LLP

HHS Office for Civil Rights Reaffirms Interest in Enforcement Related to Reproductive Health Information

Quarles & Brady LLP on

On December 2, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced a settlement with Holy Redeemer Family Medicine, a Pennsylvania covered entity, regarding an alleged violation...more

Saul Ewing LLP

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

Sheppard Mullin Richter & Hampton LLP

Over 940,000 Medicare Beneficiaries Impacted by Data Breach

The Centers for Medicare & Medicaid Services (“CMS”) and its contractor, Wisconsin Physicians Service Insurance Corporation (“WPS”), recently notified over 940,000 Medicare beneficiaries of a data breach that has potentially...more

Saul Ewing LLP

Medical Practice Agrees to Pay $250,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

Fenwick & West LLP

Change Breach Results in Notification Clarity

Fenwick & West LLP on

On May 31, 2024, more than four months after the February 2024 Change Healthcare ransomware attack, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) updated its Change Healthcare FAQs. ...more

Ballard Spahr LLP

2024 HIPAA Developments

Ballard Spahr LLP on

Over the course of the past few months, the Office of Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC), both of which are divisions of the U.S. Department of Health and...more

Benesch

Dialysis & Nephrology Digest - June 2024

Benesch on

KCP supports House bill to restore original intent of Medicare Secondary Payer Act - Kidney Care Partners (KCP) commends the 36 co-sponsors of the bill before the House, who come from both sides of the aisle and represent...more

Tucker Arensberg, P.C.

Navigating HIPAA’s Breach Notification Rule Following A Breach

Tucker Arensberg, P.C. on

In light of the ongoing investigation of Change Healthcare’s ransomware attack that resulted in the improper disclosure of thousands of individuals’ PHI, now seems like a perfect time to discuss HIPAA’s requirements...more

Seyfarth Shaw LLP

Keeping with the Times - FTC Expands Scope of Health Breach Notification Rule, Even as HHS Announces Its Own HIPAA Update

Seyfarth Shaw LLP on

On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more

Tucker Arensberg, P.C.

HIPAA Fundamentals for Providers

Tucker Arensberg, P.C. on

In March of this year, The Office for Civil Rights of the Department of Health and Human Services issued a letter addressing the recent cybersecurity incident impacting many health care entities, primarily Change Healthcare,...more

Benesch

Annual Report to Congress on Breaches of Unsecured Protected Health Information

Benesch on

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more

BakerHostetler

HHS OCR Provides Annual Report to Congress Detailing 2022 Enforcement Activities

BakerHostetler on

On Feb. 16, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published its 2022 Annual Report to Congress. ...more

Health Care Compliance Association (HCCA)

Privacy Briefs: March 2024

Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more

Miles & Stockbridge P.C.

Highlights from the Inaugural Hot Topics in Health Care Law

The Miles & Stockbridge Health Care Practice Group hosted its inaugural Hot Topics in Health Care Law seminar last month for clients from Maryland and beyond. Miles & Stockbridge health care lawyers kicked off the seminar...more

American Conference Institute (ACI)

[Event] 15th Annual Advanced Forum on Managed Care Disputes and Litigation - May 2nd - 3rd, Chicago, IL

ACI’s Advanced Forum on Managed Care Disputes and Litigation offers an unparalleled learning experience, specifically designed for the MCO legal community. Attend and develop winning legal strategies and business best...more

Paul Hastings LLP

Data Breaches Exposing Protected Health Information Are Surging

Paul Hastings LLP on

The number of large data breaches, those involving 500 or more people, exposing protected health information has increased exponentially in the last few years, and ransomware and hacking are the primary cyber threats in...more

Rivkin Radler LLP

Montefiore Medical Center Settles HIPAA Breach for $4.75 Million

Rivkin Radler LLP on

On February 6, the U.S. Department of Health and Human Services (HHS) announced a $4.75 million settlement with Montefiore Medical Center (MMC) for a breach of unsecured electronic protected health information (ePHI). The...more

239 Results
 / 
View per page
Page: of 10

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide