New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
Dobbs on Demand: Healthcare Privacy on the Line in a New Legal Setting
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
The Office for Civil Rights of the Department of Health and Human Services (OCR) was busy negotiating and settling enforcement actions in November and early December. Since October 31, 2024, the OCR has settled five separate...more
On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more
On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more
In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more
In late October, the U.S. Department of Health and Human Services (HHS) reached a settlement agreement with a medical management company based in Massachusetts over alleged HIPAA violations. Under the settlement terms, the...more
Late last year, the Department of Health and Human Services (HHS) issued its first HIPAA settlement agreement involving a ransomware attack. In the press release announcing the settlement, HHS stated that they began...more
2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more
The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more
On September 11, 2023, the HHS Office of Civil Rights (OCR) announced a settlement with LA Care Health Plan (LA Care) regarding LA Care’s potential HIPAA Security Rule violations. HHS and LA Care have executed a Resolution...more
On June 28, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement (resolution agreement and corrective action plan) with iHealth Solutions (also known as Advantum Health)...more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR - As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
On May 16, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced a $350,000 settlement with MedEvolve, Inc., a practice and revenue cycle management and practice analytics software...more
On February 17, 2023, the state attorneys general of Pennsylvania and Ohio reached a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach that affected 2.1 million individuals nationwide and...more
In one of the final health care-related actions by the Trump Administration, on January 15, 2021, the United States Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced that Excellus Health...more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more
Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more
Report on Medicare Compliance 29, no. 28 (August 3, 2020) - The 2017 theft of an unencrypted laptop is at the heart of a new HIPAA settlement with Lifespan Health System Affiliated Covered Entity (Lifespan ACE) in Rhode...more
Report on Research Compliance 17, no. 1 (January 2020) - Ah, those pesky residents. If you’re a teaching hospital, you can’t live without them, right? But sometimes living with them is mighty costly, as the University of...more
Last week, Indiana based Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). MIE provides electronic health record and related...more
April proved to be a busy month for the U.S. Department of Health and Human Services Office for Civil Rights (OCR) under its newly appointed director, Roger Severino. OCR announced three settlements of potential HIPAA...more
While your business may indeed be a “victim” when hit by a phishing attack, your enterprise can also be responsible for violations of law associated with the incident. Earlier this week, the HHS Office for Civil Rights...more
On August 4, 2016, the Office for Civil Rights (“OCR”) of the U.S. Health & Human Services Department (“HHS”) announced a $5.55 million HIPAA settlement with Advocate Health Care Network (“Advocate”), the largest...more