News & Analysis as of

Protected Health Information Data Protection HIPAA Breach

Quarles & Brady LLP

Fresh From the Oven: OCR-HHS Issues a Notice of Proposed Rulemaking for the HIPAA Security Rule

Quarles & Brady LLP on

‘Tis the season for holiday baking and the elves at the U.S. Department of Health and Human Services (HHS), through its Office for Civil Rights (OCR), have been diligently crafting their own holiday treat. On December 27,...more

Dinsmore & Shohl LLP

[Webinar] Don't Be the Next Change Healthcare: How to Avoid a Breach and Prepare Your Response Plan - October 29th, 12:00 pm -...

Dinsmore & Shohl LLP on

During the first half of this webinar, Jen Mitchell, Bryan Murray and Laura Fryan, will focus on practical tips and pointers on avoiding a HIPAA breach and what lessons you can take away from the Change Healthcare breach. ...more

Baker Botts L.L.P.

2024 HIPAA Action Items for Health Plans

Baker Botts L.L.P. on

In light of the changing legal landscape following Dobbs v. Jackson Women’s Health Organization, the Department of Health and Human Services (the “Department”) issued a final rule (link, and corresponding fact sheet link)...more

Akerman LLP - Health Law Rx

FTC’s Updated Health Breach Notification Rule Puts Health App Developers on Notice

The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more

Tucker Arensberg, P.C.

HIPAA Fundamentals for Providers

Tucker Arensberg, P.C. on

In March of this year, The Office for Civil Rights of the Department of Health and Human Services issued a letter addressing the recent cybersecurity incident impacting many health care entities, primarily Change Healthcare,...more

Quarles & Brady LLP

Never Say Never Again: HHS Signals the Return of HIPAA Audit Program

Quarles & Brady LLP on

On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more

Jackson Lewis P.C.

Downstream Breaches Cause Headaches for Healthcare Providers, as State AG Seeks Law Change to Require AG Notification

Jackson Lewis P.C. on

For healthcare providers and health systems covered by the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), a breach of unsecured protected health information (PHI)...more

Benesch

Recent Dental Benefit Provider Data Breach Highlights Legal Risks and Need for Proactive Mitigation

Benesch on

Data Breaches risk legal consequences—both from state and federal governments and consumers, as well as reputational harm. Last month, MCNA—a dental benefit provider—provided notice of a data breach that exposed the...more

Polsinelli

“First-of-Its-Kind” FTC Breach Enforcement Case on Hot-Button Website Tracking Issue

Polsinelli on

On February 1, 2023, the Federal Trade Commission (“FTC”) announced that it filed a “first-of-its-kind proposed order” under its Health Breach Notification Rule promulgated pursuant to section 13407 of the American Recovery...more

Epstein Becker & Green

FTC Brings Enforcement Action under FTC Act and Health Breach Notification Rule Based on GoodRx’s Use of Advertising Tracking...

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for...more

Robinson+Cole Health Law Diagnosis

HHS Proposes Rule to Align Part 2 Records and HIPAA

On November 28, 2022, the Department of Health and Human Services (HHS) issued a proposed rule to modify the confidentiality protections of Substance Use Disorder (SUD) patient treatment records under 42 CFR Part 2 (Part 2)...more

Health Care Compliance Association (HCCA)

[Virtual Event] Richmond Regional Healthcare Compliance Conference - December 9th, 8:25 am - 4:30 pm EST

General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #324 – What Happens to My Health Information When a Hospital Goes Out of Business?

In general, both state and federal laws apply to health information or protected health information that is in the possession of hospitals, health systems, and medical providers. HIPAA requires that covered entities...more

Arnall Golden Gregory LLP

Upcoming Annual Deadline for HIPAA Small Breach Reporting: March 1, 2022

HIPAA-covered entities should note the quickly approaching March 1, 2022 deadline for reporting breaches of unsecured protected health information that occurred in 2021 and involved fewer than 500 individuals. This article...more

Robinson+Cole Data Privacy + Security Insider

New Jersey Settles with Cancer Center Over Business Email Compromise

One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more

Akerman LLP - Health Law Rx

Providers: Cyberattacks Are Still Coming–Are You Prepared?

Cyberattacks against healthcare providers accounted for 79% of all reported data breaches in 2020. (See here). The U.S. Department of Health and Human Services’ (HHS) Office of the Assistant Secretary for Preparedness and...more

Health Care Compliance Association (HCCA)

Compliance Perspective: What's New in Healthcare Privacy

Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition. https://www.hcca-info.org/health-care-privacy-handbook To learn what’s new in the book and in healthcare privacy...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 20, Number 12. Privacy Briefs: December 2020

Report on Patient Privacy 20, no. 12 (December 10, 2020) - Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks as the company races to deploy its COVID-19...more

Health Care Compliance Association (HCCA)

From Her Words to OCR's Ears: 'Dissent' Seeks to Hold Hackers, Leakers Accountable

Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more

Robinson+Cole Data Privacy + Security Insider

Data Breach Regulatory Settlements Update

Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health....more

Seyfarth Shaw LLP

Don’t Get Caught in the “Low-Hanging Fruit” HIPAA Harvest

Seyfarth Shaw LLP on

Seyfarth Synopsis: The Director of HIPAA enforcement agency cautions that many covered entities are not meeting the basic HIPAA requirements and sees “low-hanging fruit” for enforcement activity....more

Robinson+Cole Data Privacy + Security Insider

Yearly Data Breach Reporting Due to OCR by February 29

Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more

Robinson+Cole Health Law Diagnosis

Texas Health and Human Services Fined $1.6 Million for HIPAA Violations

The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more

Faegre Drinker Biddle & Reath LLP

$1.6 Million Civil Money Penalty for HIPAA Breach Impacting 6,617 Individuals

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services imposed a $1.6 million civil money penalty (CMP) against the Texas Health and Human Services Commission, Department of Aging and Disability...more

Robinson+Cole Data Privacy + Security Insider

Philadelphia DPH Breach Exposes Hepatitis Patients’ Data

A reporter from the Philadelphia Inquirer discovered that sensitive data of hepatitis patients were accessible online through a Philadelphia Department of Public Health (DPH) website tool without the need for a password. The...more

41 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide