News & Analysis as of

Third-Party Service Provider Office of Civil Rights

Jackson Lewis P.C.

Health and Welfare Plans: Recent Topics in Year-End Compliance

Jackson Lewis P.C. on

As we bid farewell to 2024 and look ahead to the new year, we reflect on the many evolving compliance obligations that health and welfare plan sponsors tackle each year. Although this list is by no means exhaustive, it...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

BakerHostetler

DSIR Deeper Dive: Tracking the Crackdown on Tracking/Pixel Technologies: Web Litigation and Regulatory Landscape - Part 2

BakerHostetler on

In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more

Holland & Knight LLP

Lawsuit Seeks to Block OCR HIPAA Guidance on Online Tracking Tools

Holland & Knight LLP on

Hospitals care about patient privacy, but they also have to connect with the public. In the real world, people mostly connect online. Having a fully functional online presence often requires help from third parties. ...more

Console and Associates, P.C.

Mount Desert Island Hospital Notifies 24,180 of Data Breach Involving Leaked Social Security Numbers

Console and Associates, P.C. on

On June 30, 2023, Mount Desert Island Hospital (“MDIH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had gained...more

Dorsey & Whitney LLP

Tracking Online User Activity: HIPAA and Other Legal Risks

Dorsey & Whitney LLP on

The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking...more

Perkins Coie

DHHS Updates Resources for Mobile Health App Developers

Perkins Coie on

The COVID-19 pandemic and the resulting need for patient access to remote healthcare, as well as the development of contact-tracing apps, have spotlighted the importance of health-focused mobile applications (mHealth apps)....more

K&L Gates LLP

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert l March 2020

Shook, Hardy & Bacon L.L.P. on

Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more

Epstein Becker & Green

HHS Addresses Federal Court Invalidation of Certain Provisions of the HIPAA rule Relating to the Third-Party Requests for Patient...

Epstein Becker & Green on

On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more

Sheppard Mullin Richter & Hampton LLP

Company’s Vendor Suffers Breach, No Business Associate Agreement, $500K OCR Settlement

Sheppard Mullin Richter & Hampton LLP on

A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more

Harris Beach Murtha PLLC

Out-of-Business File Storage Company Paid $100K for Alleged HIPAA Violations

Harris Beach Murtha PLLC on

Yesterday, DHHS’s Office for Civil Rights (OCR) announced a $100,000 settlement with a dissolved medical records moving and storage company in Illinois. This is another example of OCR bringing enforcement actions against a...more

Williams Mullen

Don’t Let a “Man in the Middle” Monkey with Your Health Data

Williams Mullen on

There are numerous causes of breaches of protected health information (PHI), ranging from human oversights to “high-tech” errors. In April, the Office for Civil Rights (OCR) within the Department of Health and Human Services...more

Polsinelli

Agencies Encourage New Privacy Regulations to Close the mHealth Black Hole and Keep Pace with Evolving Technologies

Polsinelli on

On July 19, 2016, the ONC submitted a report to Congress which suggests that health privacy regulations soon may be revised to catch up with the universe of mHealth technologies that now use and share personal health data....more

Robinson+Cole Data Privacy + Security Insider

Raleigh Orthopedic Clinic settles with OCR for $750,000 for lack of business associate agreement

Robinson+Cole Data Privacy + Security Insider on

Consistent with the settlement the OCR agreed to with North Memorial Health Care of Minnesota, the Office for Civil Rights has settled its investigation of Raleigh Orthopaedic Clinic, P.A. (Raleigh Orthopaedic) for $750,000....more

Akerman LLP - Health Law Rx

Not a Check-the-Box Exercise: Failure to Have Signed BAA Results in Substantial Fine

Akerman LLP - Health Law Rx on

A group practice that was the victim of a silver-harvesting scam has agreed to pay the U.S. Department of Health and Human Services (“HHS”) $750,000 to settle charges that it released protected health information (“PHI”) of...more

Perkins Coie

SEC’s Increased Cybersecurity Enforcement and How to Reduce Your Risks

Perkins Coie on

The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more

17 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide