News & Analysis as of

Settlement Agreements Health Insurance Portability and Accountability Act (HIPAA)

Epstein Becker & Green

FTC Brings Enforcement Action under FTC Act and Health Breach Notification Rule Based on GoodRx’s Use of Advertising Tracking...

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for...more

Health Care Compliance Association (HCCA)

One Security Guard, One Container: Find Unravels Derm Practice's Disposal Failure

Report on Patient Privacy 22, no. 9 (September, 2022) - When recommending best practices, federal privacy and security officials stress that organizations need to follow their protected health information (PHI) wherever...more

Health Care Compliance Association (HCCA)

2016 Breach Costs OK State Medical Center $875K; System Initially Missed Vulnerability

Report on Patient Privacy 22, no. 8 (August, 2022) - Oklahoma State University Center for Health Sciences’ (OSUCHS) breach might not have seemed all that serious at the time: No data is believed to have been misused,...more

Akerman LLP - Health Law Rx

Healthcare Providers: Add OCR’s Latest Right of Access Settlements to Your Summer Reading List

The Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”) announced on July 15, 2022, that it has resolved 11 investigations conducted under the Health Insurance Portability and...more

Proskauer on Privacy

DOJ’s Civil Cyber-Fraud Initiative Secures More Than $9 Million in Two False Claims Act Settlements for Alleged Cybersecurity...

Proskauer on Privacy on

Last fall, the United States Department of Justice (“DOJ”) launched its Civil Cyber-Fraud Initiative (“CCFI”) as part of its effort to “combat new and emerging cyber threats to the security of sensitive information and...more

Wiley Rein LLP

Settlement Paid to States to Resolve HIPAA and Consumer Protection Law Claims Constitutes Non-Covered “Fines and Penalties”

Wiley Rein LLP on

Applying Washington law, the United States District Court for the Western District of Washington has held that an insured’s payment to resolve claims brought by state attorneys general for HIPAA violations and consumer...more

Hinshaw & Culbertson - Privacy, Cyber & AI...

Lesson Learned From Recent FTC Settlement: Be Cautious With Compliance “Seals”

"HIPAA Compliance" seals are not a reliable indicator that a company's website employs reasonable measure to secure personal medical information. That is one lesson from a recently finalized settlement between the Federal...more

Robinson+Cole Data Privacy + Security Insider

OCR’s Tenth Right to Access Settlement Is Small but Meaningful

The Office for Civil Rights (OCR) recently settled a tenth case under its right-to-access initiative with California-based Riverside Psychiatric Medical Group (RPMG), for $25,000....more

Robinson+Cole Data Privacy + Security Insider

Community Health Systems, Inc. Settles for $5 M in Multi-State Settlement

On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a...more

Dorsey & Whitney LLP

2020’s a Bust, but HIPAA Enforcement Is on a Roll!

Dorsey & Whitney LLP on

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been actively enforcing HIPAA regulations this year, including a series of seven settlements under OCR’s Right of Access...more

Ballard Spahr LLP

HHS Announces Eight HIPAA Settlements

Ballard Spahr LLP on

Following a very quiet start to HIPAA settlement activity in 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced eight settlements with covered entities and business...more

Robinson+Cole Data Privacy + Security Insider

Athens Orthopedic Settles with OCR for $1.5M for Data Breach

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more

King & Spalding

Orthopedic Clinic Agrees to $1.5 Million Settlement with OCR and Two-Year Comprehensive Corrective Action Plan

King & Spalding on

On September 21, 2020, the HHS Office of Civil Rights (OCR) announced a $1.5 million settlement with Athens Orthopedic Clinic, a Georgia orthopedic clinic, to settle potential violations of the Health Insurance Portability...more

Wyrick Robbins Yates & Ponton LLP

The California Attorney General's Settlement with Glow: A Wake-Up Call for Consumer Health App Developers

Consumer-directed health apps are experiencing a boom thanks to COVID-19, as consumers seeking to avoid doctors’ office waiting rooms are increasingly relying on apps to measure and maintain their health.  That trend is...more

Bricker Graydon LLP

OCR announces second-largest HIPAA breach settlement

Bricker Graydon LLP on

On September 25, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced that it reached a settlement with Premera Blue Cross (PBC), a health plan operating in Washington and Alaska,...more

Foley Hoag LLP - Security, Privacy and the...

HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 Million Individuals

With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more

Stinson LLP

Is Your Prior Authorization Program Demonstrably Compliant?

Stinson LLP on

A recent settlement announced by DOJ serves as a good reminder of the need for device and pharmaceutical manufacturers to periodically revisit their prior authorization assistance programs, to assure that the programs are...more

Saul Ewing LLP

Five Different Providers in Five Different States Settle With OCR in its HIPAA Right of Access Initiative

Saul Ewing LLP on

On September 15, 2020, the United States Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced that it had settled five investigations under its HIPAA Right of Access Initiative....more

K&L Gates LLP

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

Robinson+Cole Data Privacy + Security Insider

Size Doesn’t Matter for OCR Enforcement Actions

Small health care organizations may think they are under the radar of the Office for Civil Rights (OCR), but a settlement the OCR agreed to last week should disabuse small health care providers of that notion....more

Skadden, Arps, Slate, Meagher & Flom LLP

Drug Pricing Concerns Drive Continued DOJ Focus on Life Sciences Companies

In 2019, U.S. Department of Justice (DOJ) enforcement activity targeting drug and device manufacturers jumped sharply over the prior year, reflecting an increased focus on fraud and abuse in the life sciences sector. More...more

Sheppard Mullin Richter & Hampton LLP

2019 Year in Review: Notable Changes in Law, Policy, and Enforcement of HIPAA

According to a December 20, 2019 Report by HIPAA Journal, nearly 39 million health care data breaches had been reported to the U.S. Department of Health and Human Services (“DHHS”), Office of Civil Rights (“OCR”) by the end...more

Faegre Drinker Biddle & Reath LLP

Ambulance Company Agrees to $65,000 OCR Settlement for HIPAA Noncompliance

West Georgia Ambulance, Inc. (West Georgia) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $65,000 no-fault settlement agreement and two year corrective action...more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert | December 2019

SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more

Fox Rothschild LLP

Clear Message From OCR: Don’t Ignore (Or Overcharge For) Patient Requests For Records

Fox Rothschild LLP on

Last week, the Office for Civil Rights (OCR) announced its second enforcement action and settlement with a provider for failing to comply with HIPAA’s patient access requirements. Korunda Medical, LLC, a primary care and...more

79 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide