News & Analysis as of

Security Risk Assessments Health Insurance Portability and Accountability Act (HIPAA) Health Care Providers

Health Care Compliance Association (HCCA)

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Foley & Lardner LLP

Telehealth Providers: HHS Issues HIPAA Best Practices

Foley & Lardner LLP on

Recognizing the evolving landscape of care delivery and growth of telehealth, the U.S. Department of Health and Human Services (HHS) published a resource guide aimed at assisting telehealth providers in explaining the privacy...more

Harris Beach PLLC

New York Wants Comprehensive Cybersecurity Plans for Hospitals by February 2025

Harris Beach PLLC on

New York Gov Kathy Hochul is touting her proposed statewide cybersecurity regulations for hospitals and health systems as “nation-leading,” and, if approved, those entities will have until February 2025 to comply with the new...more

Holland & Hart LLP

To BAA or Not to BAA: Must You Have One?

Holland & Hart LLP on

HIPAA applies to both covered entities (e.g., healthcare providers and health plans) and their business associates. A “business associate” is generally a person or entity that “creates, receives, maintains or transmits”...more

Foley Hoag LLP - Security, Privacy and the...

HHS OCR/ONC Announce Latest Version of Security Risk Assessment Tool

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have released version 3.4 of their Security Risk Assessment...more

Foley & Lardner LLP

Key Findings & Takeaways from OCR HIPAA Audit Findings

Foley & Lardner LLP on

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more

Troutman Pepper

FDA Launches Digital Center of Excellence and ONC Updates HIPAA Security Risk Assessment Tool

Troutman Pepper on

Why It Matters - In order to safeguard their information, health care and life science organizations should remain vigilant in monitoring DHCoE developments and initiatives, including any policy/regulation clarifications...more

Health Care Compliance Association (HCCA)

Under New Settlement, Ambulance Co. Pays OCR $65K, Must Quickly Encrypt Computers

Report on Patient Privacy 20, no. 1 (January 2020) - In the waning days of 2019, the HHS Office for Civil Rights (OCR) didn’t halt the HIPAA enforcement momentum it had built up during the last quarter of the year, dinging...more

Foley & Lardner LLP

HIPAA: Failure to Report Breach Costs Hospital $2.175 Million

Foley & Lardner LLP on

One health system recently learned the cost of relying too heavily on the HIPAA Breach Notification Rule’s “low probability of compromise” standard when it failed to notify all affected individuals and report the HIPAA breach...more

Health Care Compliance Association (HCCA)

Report on Medicare Compliance Volume 28, Number 40. News Briefs - November 2019 #2

Report on Medicare Compliance Volume 28, Number 40. (November 11, 2019) - - In a new Medicare compliance review, the HHS Office of Inspector General (OIG) said Angels Care Home Health in Salina, Kansas, didn’t comply with...more

Holland & Hart - The Benefits Dial

It’s HIP(AA) to be square… making sure you are HIPAA compliant

The Health Insurance Portability and Accountability Act (“HIPAA”) was created for one specific reason – evolution of technology. Today, health care providers are using online clinical applications and electronic health...more

Shumaker, Loop & Kendrick, LLP

Client Alert: The Lack of an Adequate HIPAA Security Risk Assessment is a Common and Costly Mistake by Healthcare Providers: What...

Health care providers and others who must comply with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) have specific requirements under the Security Rule to HIPAA when it comes to their mainte-nance...more

Robinson+Cole Data Privacy + Security Insider

Cottage Health Settles with OCR for $3M

We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more

Hogan Lovells

Recap of the OCR/NIST Conference on Safeguarding Health Information

Hogan Lovells on

Regulators provided key insights into enforcement trends and potential changes to HIPAA regulations at the 11th Annual “Safeguarding Health Information: Building Assurance Through HIPAA Security” conference in October...more

Baker Donelson

Changes to the Security Risk Assessment (SRA) Tool Require Attention

Baker Donelson on

The HHS Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) released an updated Security Risk Assessment (SRA) Tool this week. All covered entities and business...more

Hogan Lovells

Best practices for managing cybersecurity risks related to IoT-connected medical devices

Hogan Lovells on

Connected medical devices deliver numerous benefits not available before, including improved monitoring of patient welfare and a wealth of vital data. But for all the advantages available through these devices, their...more

Robinson+Cole Data Privacy + Security Insider

HHS: Ransomware Attacks Likely HIPAA Breaches In Absence of Encryption

On July 11, 2016, the U.S. Department of Health & Human Services (HHS) issued a Fact Sheet that provides guidance on (i) how HIPAA Security Rule compliance can assist health care organizations combat ransomware attacks, and...more

Mintz - Health Care Viewpoints

“Your Money or Your PHI”: OCR Releases Guidance on Ransomware

On July 11, 2016, the Office for Civil Rights (OCR) released important new guidance on ransomware for hospitals and other healthcare providers and finally addressed the question of whether electronic protected health...more

BakerHostetler

HIPAA Fine Underscores OCR’s Focus on Physician Group Compliance

BakerHostetler on

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced a $750,000 fine and resolution agreement, including a Corrective Action Plan (CAP), for Cancer Care Group, P.C. (CCG), a...more

McDermott Will & Emery

OCR Enforcement Trends

On April 27, 2015, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Cornell Prescription Pharmacy (CPP) pursuant to which CPP paid a $125,000...more

Sheppard Mullin Richter & Hampton LLP

HHS releases new software for updating (but not replacing) HIPAA security risk assessment toolkits

Last week, the Department of Health and Human Services (HHS) released a new, free, downloadable tool to assist small and medium-size health care provider offices to conduct security risk assessments (SRA)....more

Obermayer Rebmann Maxwell & Hippel LLP

New HIPAA Tool Released by the Federal Government – Makes Assessing Risks Easier and It Won’t Cost You a Dime

Do you lie awake at night wondering if you or the health care entity for which you work is complying with the Health Insurance Portability and Accountability Act (“HIPAA”)? If so, you will be happy to hear that a good night’s...more

22 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide