Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
Podcast: Are Vaccine Passports the Key to Reopening? - Diagnosing Health Care
HIPPA: Privacy & Security and Potential Rule Changes
Compliance Perspectives: Privacy Investigations in a Virtual World
The Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS) recently issued its Final Rule to modify HIPAA “to support reproductive health care privacy.” The Final Rule is in response to Executive...more
The U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR") continues to be actively engaged in investigating and settling alleged HIPAA violations. In advance of Mother's Day, two decisions...more
Report on Patient Privacy 22, no. 10 (October, 2022) - How about free? Patients daily face the machinations of getting records from their providers, and health care practices, hospitals and even dentists struggle with...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
In the wake of the Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization, the Department of Health and Human Services Office for Civil Rights (OCR) yesterday issued guidance addressing how the Health...more
When use or disclosure of an individual’s health information or medical records is at issue, the assumption seems to be, much more often than not, that the HIPAA privacy and security rules apply. This has certainly been the...more
Under the Health Insurance Portability and Accountability Act (“HIPAA”), individuals have the right, with some limited exceptions, to access their protected health information (PHI) maintained in a designated record set by a...more
Last week, Diabetes, Endocrinology & Lipidology Center Inc. (DELC) of West Virginia reached a $5,000 settlement with the Office for Civil Rights (OCR) over allegations that it failed to provide timely access to a patient’s...more
A small New Jersey plastic surgery practice, Village Plastic Surgery (“VPS”), has become the eighteenth HIPAA covered entity to face an enforcement action under the Office for Civil Right’s HIPAA Right of Access Initiative....more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
With limited exceptions, HIPAA generally gives individuals the right to access or obtain copies of their protected health information ("PHI") from covered entities. (45 CFR § 164.524(a)). But the right of access does not...more
Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and specifically the Privacy Rule under HIPAA’s implementing regulations, patients have a right to access their health information held by health...more
Health care technology has seen an incredible amount of change over the past twelve months. As health care providers and entities continue to provide patient care in unprecedented times, it is becoming increasingly important...more
2020 was an active year for HIPAA regulatory activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). In this article, we take a look at some of the HIPAA highlights from 2020 and...more
Report on Patient Privacy 18, no. 1 (January 2021) - The HHS Office for Civil Rights (OCR) settled its 13th enforcement action in its Right of Access Initiative, first announced in 2019 to support individuals’ rights to...more
Privacy revisions under the Health Insurance Portability and Accountability Act (HIPAA) may be on the horizon, with some potential changes that could benefit both patients and the healthcare industry. Other changes, if...more
In 2020, the Office for Civil Rights (OCR) kept the promise it made the prior year to “vigorously enforce” the rights of patients to access and exercise control over their medical records. OCR has settled ten “right of...more
Healthcare providers are generally required by HIPAA to provide patients or their legal representatives with the ability to inspect or obtain copies of their medical records within 30 days of a request (state specific...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been actively enforcing HIPAA regulations this year, including a series of seven settlements under OCR’s Right of Access...more
Under the HIPAA Privacy Rule, individuals have a right to timely access their medical records at a reasonable cost. With some exceptions, a health care provider must provide those records without reasonable delay and within...more
Recent enforcement actions by the Office for Civil Rights (OCR) underscore the importance of providing patients with copies of their protected health information (PHI) as required by HIPAA. Failure to provide access exposes...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more
For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more
Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more