Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more
On April 22, 2024, the federal Department of Health and Human Services’ Office for Civil Rights (OCR) announced a final rule enhancing privacy protections relating to reproductive health care. Specifically, the final rule...more
Many HIPAA covered entities and business associates struggle with developing and implementing a sanctions policy. What should it say, is zero-tolerance required, do we have to impose discipline in every case, etc. These are...more
Report on Patient Privacy 22, no. 4 (April, 2022) - By many measures, David Northcutt’s unsuccessful 2018 bid for the Alabama senate was a costly one. Northcutt, a dentist, loaned his campaign $73,000 throughout the...more
HIPAA privacy rules do not prevent employers and businesses from asking employees and visitors about their COVID-19 vaccination status, the government recently reiterated. In guidance issued on September 30, 2021, the U.S....more
On September 30, 2021, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR)issued guidance to help the public understand when the Health Insurance Portability and Accountability Act of 1996...more
Get the latest updates on government initiatives related to physicians and clinics - HCCA’s Clinical Practice Compliance Conference provides insights, updates, and strategies that are pertinent to developing and managing...more
Nearly 20 years to the day after the first HIPAA privacy regulations were announced, HHS has posted proposed revisions to HIPAA, evidence that even after twenty years, HIPAA privacy remains a work in progress. These proposed...more
The worldwide COVID-19 pandemic visited on America in the past several months has quickly reinvigorated the foundational and important debate concerning where, in a free society, individual autonomy ends (or should end) and...more
Elite Dental Associates (Elite), located in Dallas, Texas has agreed to settle alleged HIPAA violations with the Office for Civil Rights (OCR) for $10,000....more
Yesterday, DHHS’s Office for Civil Rights (OCR) announced a $100,000 settlement with a dissolved medical records moving and storage company in Illinois. This is another example of OCR bringing enforcement actions against a...more
On this blog, we have discussed the criticality of risk analyses – the assessment required by the Security Rule of the “risks and vulnerabilities” that an organization faces with respect to all of its electronic protected...more
The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more
The US Department of Health and Human Services Office for Civil Rights recently posted guidance clarifying that a business associate such as an information technology vendor generally may not block or terminate access by a...more
On October 7, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance. As discussed below,...more
On February 25, 2016, the Office of Civil Rights (OCR) released a set of FAQs directed at healthcare providers and plans that are required to comply with the HIPAA Privacy Rule (the Privacy Rule). The guidance emphasizes that...more
On February 16, 2016, the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced that it had entered into an agreement with Complete P.T., Pool & Land Physical Therapy, Inc. (CPT), a physical...more
The Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 and the regulations promulgated thereunder (“HIPAA”) should be now well-known to health care providers and health plans. Under HIPAA’s...more
For only the second time in its history, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has imposed a civil money penalty (CMP) on a covered entity for allegedly violating the HIPAA...more
Over the past year, numerous lawsuits and complaints to the HHS Office for Civil Rights (“OCR”) have been filed by plaintiffs’ attorneys over a seemingly obscure HIPAA issue – the rate that health care providers and their...more
On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more
On September 29, 2015, the Office of Inspector General (OIG) released two reports that reviewed the Office of Civil Rights’ (OCR) enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve...more