At the close of 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (the Proposed Rule) to amend the Security Rule regulations established...more
On February 8, 2024, the U.S. Department of Health and Human Services (HHS) issued a final rule (Final Rule) updating federal “Part 2” regulations to more closely align the requirements applicable to substance use disorder...more
On April 12, 2023, the U.S. Department of Health & Human Services (HHS) released a Notice of Proposed Rulemaking (Proposed Rule) that seeks to enhance safeguards of reproductive health care information through changes to the...more
4/18/2023
/ Abortion ,
Biden Administration ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
New Guidance ,
Patient Access ,
Patient Privacy Rights ,
PHI ,
Pregnancy ,
Reproductive Healthcare Issues ,
SCOTUS ,
Women's Rights
On April 12, 2023, the U.S. Department of Health & Human Services (HHS) released a Notice of Proposed Rulemaking (Proposed Rule) that seeks to enhance safeguards of reproductive health care information through changes to the...more
4/17/2023
/ Abortion ,
Biden Administration ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
NPRM ,
Patient Privacy Rights ,
PHI ,
Pregnancy ,
Proposed Rules ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
SCOTUS ,
Women's Rights
On April 11, 2023 – one month in advance of the end of the COVID-19 public health emergency (PHE) on May 11, 2023 – the federal Office for Civil Rights (OCR) confirmed that various Notifications of Enforcement Discretion...more
On April 11, 2023 – one month in advance of the end of the COVID-19 public health emergency (PHE) on May 11, 2023 – the federal Office for Civil Rights (OCR) confirmed that various Notifications of Enforcement Discretion...more
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently issued new guidance (Guidance) on the use of remote communication technologies to deliver audio-only telehealth in accordance with...more
6/28/2022
/ Coronavirus/COVID-19 ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
HIPAA Security Rule ,
Infectious Diseases ,
New Guidance ,
OCR ,
Patient Access ,
Relief Measures ,
Remote Proceedings ,
Telehealth ,
Telemedicine
On February 28, 2022, the Office of the National Coordinator for Health Information Technology (ONC) issued data on information blocking claims received since April 5, 2021, the effective date of information blocking...more
3/3/2022
/ 21st Century Cures Act ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Information Blocking Rules ,
Information Technology ,
ONC ,
Regulatory Requirements
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more
On January 14, 2021, the U.S. Court of Appeals for the Fifth Circuit overturned a $4.348 million penalty for alleged HIPAA violations assessed by the U.S. Department of Health & Human Services (HHS) against the University of...more
As COVID-19 cases continue to surge, many employers have implemented a variety of safeguards to limit the spread of COVID-19 in their workplaces. One safeguard being utilized is a COVID-19 testing program. As a preliminary...more
1/7/2021
/ Coronavirus/COVID-19 ,
Employer Liability Issues ,
Employer Responsibilities ,
Health and Safety ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Risk Management ,
Third-Party Risk ,
Vendors ,
Virus Testing ,
Workplace Safety
On December 10, 2020, the U.S. Department of Health and Human Services (HHS) announced proposed changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, which is one of several rules that...more
On June 12, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued timely HIPAA guidance (Guidance) regarding solicitations of blood and plasma donations from recovered COVID-19 patients....more
On April 9, 2020 the Department of Health & Human Services Office for Civil Rights (OCR) issued another Notification that it will exercise its enforcement discretion and not impose penalties for HIPAA violations in connection...more
Microsoft Issues Cybersecurity Risk Warning and Offers Help to Hospitals During COVID-19 Crisis -
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk...more
4/6/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Microsoft ,
OCR ,
Popular ,
Telemarketing ,
Vulnerability Assessments
On March 27, Congress enacted the Coronavirus Aid, Relief, and Economic Security Act (CARES Act, or the Act), Public Law 116-136, a trillion-dollar stimulus bill intended to provide financial assistance to individuals and...more
COVID-19 Vaccine Test Lab Hit by Maze Ransomware -
Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, the ransomware recently...more
3/31/2020
/ California Consumer Privacy Act (CCPA) ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Federal Aviation Administration (FAA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Ransomware ,
Spam ,
Telecommuting ,
Telehealth
On March 24, 2020, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) issued new HIPAA guidance to help providers and first responders in efforts to combat the COVID-19 pandemic....more
On March 20, the U.S. Department of Health and Human Services (HHS) issued additional guidance in the form of Frequently Asked Questions (FAQs) on HIPAA and telehealth services to help providers furnish care during the...more
On March 19, Connecticut Governor Ned Lamont issued Executive Order No. 7G, which is intended to expand access to telehealth services for Connecticut residents amidst the COVID-19 pandemic....more
On February 3, 2020, the U.S. Department of Health and Human Services (HHS) issued a bulletin (the Bulletin) to remind covered entities and business associates of how patient information may be shared under HIPAA in the event...more
2/10/2020
/ Business Associates ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Disclosure ,
Electronic Medical Records ,
Emergency Management Plans ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Infectious Diseases ,
New Guidance ,
Patient Privacy Rights ,
PHI ,
Popular
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/7/2020
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Infectious Diseases ,
Malware ,
Medical Records ,
OCR ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Public Health ,
Retailers ,
Tax Fraud ,
Vulnerability Assessments
It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more
12/23/2019
/ Biometric Information ,
Clinical Laboratories ,
Connected Cars ,
Connected Items ,
Criminal Conspiracy ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Extradition ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Identity Theft ,
Information Technology ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Settlement
On December 12, 2019, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced its second “HIPAA Right of Access Initiative” settlement of alleged HIPAA violations....more
National Veterinary Associates (NVA), a large network of veterinary hospitals and clinics, has reportedly been the victim of a ransomware attack. According to the reports, NVA employs more than 2,600 veterinarians, with over...more
12/11/2019
/ Aviation Industry ,
Beneficiaries ,
Biometric Information ,
Bitcoin ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Restaurant Industry ,
Settlement Agreements ,
Virtual Currency