News & Analysis as of

Policies and Procedures Office of Civil Rights

Saul Ewing LLP

OCR Imposes $200,000 Civil Money Penalty Against HIPAA-Covered Entity

Saul Ewing LLP on

On March 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil money penalty (“CMP”) of $200,000 against Oregon Health & Science University (“OHSU”) for failing to...more

King & Spalding

OCR Proposes Updates to Strengthen the HIPAA Security Rule

King & Spalding on

On December 27, 2024, the Office for Civil Rights (OCR) at HHS issued a Notice of Proposed Rulemaking (the Proposed Rule) intended to update the Security Rule under the Health Insurance Portability and Accountability Act...more

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Health Care Compliance Association (HCCA)

BAAs: If and when third parties receiving PHI for research qualify as BAs under HIPAA

A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more

Jackson Lewis P.C.

Key Takeaways for Healthcare Providers Following HHS OCR’s Most Recent Ransomware Investigation

Jackson Lewis P.C. on

Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more

Bowditch & Dewey

3-Part Series: Fall Semester Is Underway, Is Your College Up to Date on the Latest Federal Civil Rights Guidance? Part 1

Bowditch & Dewey on

In this three-part series, we’ll review the latest federal civil rights guidance, including Title VI, ADA and Section 504, and Title IX. Part 1: Take a Close Look at Your Discrimination and Harassment Policies and...more

ArentFox Schiff

Back to Campus in Today’s Environment

ArentFox Schiff on

After a year marked by student protests on university campuses nationwide, including encampments and commencement ceremony walk-outs, universities are scrambling to prepare for students’ return to campus the upcoming Fall...more

Health Care Compliance Association (HCCA)

An inside view of HIPAA enforcement

While many healthcare providers are generally aware of their obligations under HIPAA, most do not have a clear sense of what happens if they fail to meet these obligations. At best, most probably are familiar with headlines...more

Holland & Hart LLP

New ACA 1557 Non-Discrimination Rules: Checklist For Healthcare Providers

Holland & Hart LLP on

On May 6, 2024, the Department of Health and Human Services (HHS) published its final rule revamping the non-discrimination regulations issued under § 1557 of the Affordable Care Act.  The revised rules apply to all...more

Proskauer - Employee Benefits & Executive...

Final HIPAA Privacy Rule Increases Protection of Reproductive Health Care Data

The Office for Civil Rights (“OCR”) at the Department of Health and Human Services (“HHS”) recently issued final regulations (“Reproductive Health Care Rule”) under the Health Insurance Portability and Accountability Act of...more

Akin Gump Strauss Hauer & Feld LLP

2024 Guide to DOJ and HHS OIG Guidance on Effective Compliance Programs

The Department of Health & Human Services’ Office of Inspector General (HHS OIG) and U.S. Department of Justice (DOJ) have published important guidance and recommendations for pharmaceutical companies to develop and implement...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

McDermott Will & Emery

Ensuring Nondiscrimination in Patient Visitations

McDermott Will & Emery on

Reflecting on lessons learned and complaints received during the COVID-19 pandemic, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released detailed frequently asked questions (FAQs)...more

Polsinelli

HHS Finalized Part 2 Revisions: What Has Changed?

Polsinelli on

On February 8, 2024, the U.S. Department of Health and Human Services, through its Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), released final rule (Final Rule)...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - May 6th - 9th, San Antonio, TX

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

King & Spalding

OCR Provides Guidance Regarding Patient Visitation Rights

King & Spalding on

On January 25, 2024, HHS Office for Civil Rights (OCR) issued guidance and responses to frequently asked questions regarding nondiscrimination regulations related to patient visitation. Hospitals, long term care facilities,...more

Seyfarth Shaw LLP

Cyber Strategy: HHS Weighs in on Cybersecurity in the Healthcare Industry

Seyfarth Shaw LLP on

Seyfarth Synopsis: The health care sector faces escalating cybersecurity risks given its size, technological dependence and the sensitive nature of data used therein. According to the U.S. Department of Health and Human...more

Health Care Compliance Association (HCCA)

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Verrill

HIPAA Privacy Rule Changes: Just in time for the New Year?

Verrill on

In 2021, the Department of Health and Human Services (HHS) proposed changes to the Privacy Rule under the Health Insurance Portability and Accessibility Act of 1996 (HIPAA) that would significantly alter the current...more

Mintz - Health Care Viewpoints

OCR Cybersecurity Newsletter Emphasizes Significance of HIPAA Sanction Policies

The Office for Civil Rights (OCR) recently offered covered entities and business associates (Regulated Entities) not-so-subtle reminders in its October 2023 Cybersecurity Newsletter that effective sanction policies can...more

Ankura

DHHS OCR and FTC Issue Warning to Hospital Systems and Telehealth Providers Regarding Privacy and Security Risks

Ankura on

On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - October 16th - 19th, San Francisco, CA

Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more

WilmerHale

HHS OCR Settles with iHealth Solutions Over Alleged HIPAA Violations

WilmerHale on

On June 28, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement (resolution agreement and corrective action plan) with iHealth Solutions (also known as Advantum Health)...more

Tarter Krinsky & Drogin LLP

HIPAA Compliance Lessons for Covered Entities

The recent settlement between the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and a community hospital is a reminder of the importance of HIPAA compliance for all healthcare organizations. The...more

89 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide