Covered Entities and Business Associates may be ringing in the New Year with the prospect of responding to on-site HIPAA audits by federal regulators. The U.S. Department of Health and Human Services Office for Civil Rights...more
As the East Coast prepares for the arrival of Hurricane Matthew, covered entities and business associates should take the opportunity to remind their workforce members to safeguard protected health information (PHI) that is...more
10/6/2016
/ Business Associates ,
Covered Entities ,
Data Breach ,
Data Protection ,
Disaster Preparedness ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Medical Records ,
Natural Disasters ,
Patient Privacy Rights ,
PHI ,
Severe Weather
The Department of Health and Human Services Office for Civil Rights (OCR) announced on August 4, 2016, a settlement agreement with Advocate Health Care Network, an integrated healthcare system with ten hospitals and a...more
8/10/2016
/ Civil Monetary Penalty ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Hospitals ,
OCR ,
Personally Identifiable Information ,
PHI
Last week, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced the first HIPAA settlement involving a business associate. Catholic Health Care Services of the Archdiocese of Philadelphia...more
A New York hospital has settled with the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) for $2.2 million after allowing a TV crew for the ABC documentary series “NY Med” to film patients...more
Just in time for the Phase 2 audits, the Department of Health and Human Services Office for Civil Rights (OCR) quietly posted the updated HIPAA Audit Protocol on its website. The new audit protocol has been updated to include...more
The U.S. Department of Health and Human Services Office of Civil Rights (OCR) recently announced that it has started obtaining and verifying entity contact information to identify covered entities and business associates for...more
On February 25, 2016, the Office of Civil Rights (OCR) released a set of FAQs directed at healthcare providers and plans that are required to comply with the HIPAA Privacy Rule (the Privacy Rule). The guidance emphasizes that...more
Four years after publication of its proposed rule related to reporting and returning overpayments within 60 days, CMS has issued a final rule that responds to comments and provides greater clarity. The published rule is under...more
On January 4, 2016, the U.S. Department of Health and Human Services (HHS) issued a final rule that modifies the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. This modification expressly...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) kicked off the holiday season by publishing a settlement agreement under the Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more
In the latest challenge to a Florida law designed to promote early settlement of meritorious medical malpractice claims, the Florida First District Court of Appeal recently rejected a plaintiff’s arguments that 2013...more
On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more
7/16/2015
/ Compliance ,
Data Breach ,
Data Protection ,
Data-Sharing ,
Department of Health and Human Services (HHS) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Hospitals ,
Laptop Computers ,
OCR ,
PHI ,
Settlement
On June 26, 2015, the Internal Revenue Service (IRS) issued guidance to clarify how charitable hospitals may comply with regulations issued by the Department of Treasury under the Patient Protection and Affordable Care Act...more
7/14/2015
/ Affordable Care Act ,
Charitable Organizations ,
Compliance ,
Covered Providers ,
Financial Assistance Policies ,
Health Care Providers ,
Healthcare ,
Hospitals ,
IRS ,
Physicians ,
Section 501r ,
Tax Exempt Entities
The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it has reached an agreement with a small pharmacy to resolve potential HIPAA violations. The settlement arose from the...more
The United States Court of Appeals for the Eleventh Circuit recently concluded that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) does not prevent the application of a Florida law requiring...more
The United States Court of Appeals for the Eleventh Circuit recently concluded that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) does not prevent the application of a Florida law requiring...more
10/15/2014
On June 20, 2014, Governor Rick Scott signed into law the Florida Information Protection Act of 2014 ("FIPA"), which became effective July 1, 2014. FIPA expands the obligations of businesses and government entities that...more
7/29/2014
On June 25, 2014, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued a Special Fraud Alert entitled "Laboratory Payments to Referring Physicians."...more
On June 20, 2014, Governor Rick Scott signed into law the Florida Information Protection Act of 2014 ("FIPA"), which became effective July 1, 2014. FIPA expands the obligations of businesses and government entities that...more
Healthcare providers and businesses that store or process protected health information ("PHI") face increased scrutiny and significant fines for data privacy breaches and security lapses in the coming months....more
On May 7, 2014, the U.S. Department of Health and Human Services Office for Civil Rights ("OCR") announced the largest settlement to date under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). New...more
The U.S. Department of Health and Human Services ("HHS") has just released a new security risk assessment ("SRA") tool to assist small and medium sized health care practices (one to ten providers) conduct a HIPAA risk...more
As previously reported on November 13, 2013 and February 20, 2014, the Centers for Medicare and Medicaid Services ("CMS") has attempted to provide guidance as to when it is appropriate for issuers of "qualified health plans"...more
A judge in the United States District Court for the Southern District of Florida has approved a $3 million data breach class action settlement agreement between AvMed, Inc. and plaintiffs. The settlement arises out of a...more