Privacy Rule, Cybersecurity, Data Breach

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on 1/22/2025

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Sanction Policies Can Help Drive Cybersecurity and HIPAA Compliance, OCR Says

Jackson Lewis P.C. on 10/25/2023

Many HIPAA covered entities and business associates struggle with developing and implementing a sanctions policy. What should it say, is zero-tolerance required, do we have to impose discipline in every case, etc. These are...more

Dental Practice Pays $10,000 Fine to OCR for Disclosing PHI on Social Media

Robinson+Cole Data Privacy + Security Insider on 10/14/2019

Elite Dental Associates (Elite), located in Dallas, Texas has agreed to settle alleged HIPAA violations with the Office for Civil Rights (OCR) for $10,000....more

Last Chance for Financial Companies to Weigh in On New FTC Data Security Standards

BCLP on 3/18/2019

For the first time in 17 years, the FTC is proposing significant increases to the information security standards which apply to those financial institutions that are regulated by the FTC and are not already subject to similar...more

FTC Seeks Comment on Proposed Amendments to Safeguards and Privacy Rules

Ballard Spahr LLP on 3/8/2019

The FTC has proposed amendments to its 2003 Safeguards Rule and the 2000 Privacy Rule, applicable to financial institutions under the Gramm Leach Bliley Act (GLBA). ...more

Deal Breaker – Cyber Security Risk in Health Care Transactions

Polsinelli on 1/3/2019

Health care organizations’ lack of compliance with the data privacy and security requirements of both state laws and the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security and Breach Notification...more

The FTC Data Security Settlement with Uber

Bilzin Sumberg on 8/23/2017

The Risks of Overpromising and Underperforming - Demonstrating its authority over all things cybersecurity, the Federal Trade Commission (FTC) announced that it has entered into a proposed consent order with Uber for the...more

Government Investigations Into Cybersecurity Breaches In Healthcare

K&L Gates LLP on 2/15/2016

In September 2015, a U.S. Department of Health and Human Services (HHS), Office of the Inspector General (OIG), report found that the Office of Civil Rights (OCR), the agency charged with ensuring compliance with the Health...more

OIG report spurs OCR to announce phase 2 audits

Robinson+Cole Data Privacy + Security Insider on 10/9/2015

On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Orrick, Herrington & Sutcliffe LLP on 9/21/2015

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

OCR settlement reiterates importance of proactive security rule compliance

Robinson+Cole Data Privacy + Security Insider on 9/17/2015

On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve...more

Privacy Rule › Cybersecurity › Data Breach

"My best business intelligence, in one easy email…"