During the week of April 18, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced two significant settlements with a large New York City hospital and a North Carolina orthopaedic...more
4/26/2016
/ Business Associates ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Film Industry ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
OCR ,
Patient Privacy Rights ,
PHI ,
Prior Authorization ,
Public Disclosure ,
Settlement
On March 21, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), announced the launch of the 2016 Phase 2 Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Audit...more
On March 17, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that the Feinstein Institution for Medical Research (“Feinstein”) agreed to pay $3.9 million to resolve...more
On March 16, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that North Memorial Health Care of Minnesota (“Memorial”) agreed to pay $1.55 million to resolve allegations that...more
The U.S. Department of Health & Human Services’ (“HHS”) Office for Civil Rights (“OCR”) and the Federal Trade Commission (“FTC”) were each involved in the resolution of high profile privacy matters in January 2016. The two...more
For those covered entities who experienced one or more HIPAA breaches involving less than 500 individuals during the calendar year 2015, the deadline for reporting those breaches to the Secretary of the U.S. Department of...more
On December 14, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a $750,000 settlement with the University of Washington (UW). This is the third HIPAA settlement announced by OCR...more
On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more
9/4/2015
/ Breach Notification Rule ,
Compliance ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
De-Identified Protected Health Information ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personally Identifiable Information ,
PHI ,
Popular ,
Privacy Policy ,
Settlement Agreements
On April 27, 2015, the U.S. Department of Health and Human Services (HHS) announced that Cornell Prescription Pharmacy (CPP), a single-location pharmacy in the Denver, Colo. metropolitan area, agreed to settle alleged HIPAA...more
The U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced on December 8, 2014 that a community behavioral health organization agreed to pay $150,000 and adopt a corrective action plan to...more
On June 11, 2014, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued two reports to Congress summarizing activities in calendar years 2011 and 2012. The Annual Report to Congress on...more
In the May 23, 2014 issue of the Federal Register (79 FR 29732), the Centers for Medicare & Medicaid Services (“CMS”) published a proposed rule (the “Proposed Rule”) that would change the so-called meaningful use stage...more
On March 28, 2014, the U.S. Department of Health and Human Services (“HHS”) announced the release of a security risk assessment (“SRA”) tool to assist small- to mid-sized providers in conducting risk assessments of their...more
In the December 27, 2013 edition of the Federal Register, the Office of Inspector General (“OIG”) and Centers for Medicare and Medicaid Services (“CMS”), both within the U.S. Department of Health and Human Services (“HHS”),...more