News & Analysis as of

Policies and Procedures Office of Civil Rights Data Security

Jackson Lewis P.C.

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

Health Care Compliance Association (HCCA)

BAAs: If and when third parties receiving PHI for research qualify as BAs under HIPAA

A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more

Jackson Lewis P.C.

Key Takeaways for Healthcare Providers Following HHS OCR’s Most Recent Ransomware Investigation

Jackson Lewis P.C. on

Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - May 6th - 9th, San Antonio, TX

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Seyfarth Shaw LLP

Cyber Strategy: HHS Weighs in on Cybersecurity in the Healthcare Industry

Seyfarth Shaw LLP on

Seyfarth Synopsis: The health care sector faces escalating cybersecurity risks given its size, technological dependence and the sensitive nature of data used therein. According to the U.S. Department of Health and Human...more

Ankura

DHHS OCR and FTC Issue Warning to Hospital Systems and Telehealth Providers Regarding Privacy and Security Risks

Ankura on

On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - October 16th - 19th, San Francisco, CA

Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - March 6th - 9th, Phoenix, AZ

Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more

Woods Rogers

HIPAA Security Rule: What are “Recognized Security Practices” and why are they important?

Woods Rogers on

A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 5th - 8th, Anaheim, CA

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - August 22nd - 25th, Las Vegas, NV

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Baker Donelson

Office For Civil Rights Seeks Input on Implementation of HITECH Amendments

Baker Donelson on

On April 6, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking public comment on "recognized security practices" and on sharing civil...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - September 27th - 30th, Austin, TX

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - August 2nd - 5th, Seattle, WA

Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more

Bricker Graydon LLP

[Webinar] OCR Enforcement Activity: Recent HIPAA Audits & Right of Access Initiative Settlements - March 4th, 12:00 pm - 1:00 pm...

Bricker Graydon LLP on

Health care technology has seen an incredible amount of change over the past twelve months. As health care providers and entities continue to provide patient care in unprecedented times, it is becoming increasingly important...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - November 2nd - 5th, Nashville, TN

Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Faegre Drinker Biddle & Reath LLP

Ambulance Company Agrees to $65,000 OCR Settlement for HIPAA Noncompliance

West Georgia Ambulance, Inc. (West Georgia) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $65,000 no-fault settlement agreement and two year corrective action...more

Faegre Drinker Biddle & Reath LLP

$3 Million OCR HIPAA Settlement Due to Lost Flash Drive and Stolen Laptop

The University of Rochester Medical Center (URMC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $3 million no-fault settlement agreement and two year corrective...more

Robinson+Cole Data Privacy + Security Insider

Cottage Health Settles with OCR for $3M

We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more

Womble Bond Dickinson

Is Your HIPAA Compliance Program Ready for the FTC?

Womble Bond Dickinson on

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

McDermott Will & Emery

OCR Enforcement Trends

On April 27, 2015, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Cornell Prescription Pharmacy (CPP) pursuant to which CPP paid a $125,000...more

23 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide