On February 8, 2024, the U.S. Department of Health and Human Services, through its Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), released final rule (Final Rule)...more
2/15/2024
/ CARES Act ,
Department of Health and Human Services (HHS) ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
Medical Records ,
OCR ,
Patient Rights ,
Policies and Procedures ,
SAMHSA ,
Substance Abuse
On February 1, 2023, the Federal Trade Commission (“FTC”) announced that it filed a “first-of-its-kind proposed order” under its Health Breach Notification Rule promulgated pursuant to section 13407 of the American Recovery...more
2/8/2023
/ Advertising ,
Breach Notification Rule ,
Data Collection ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
PHI ,
Targeted Digital Advertising ,
Tracking Systems
Taking affirmative steps to protect sensitive IT information from disclosure during litigation is critical prior to, during and after cybersecurity incidents. Counsel and IT professionals can apply recent commentary from the...more
The HHS Office for Civil Rights (“OCR”) issued a notice in the Federal Register regarding its Enforcement Discretion (84 Fed. Reg. 18151) on April 30, 2019. HHS announced that HHS will now apply a different cumulative annual...more
5/15/2019
/ Civil Monetary Penalty ,
Data Breach ,
Electronic Medical Records ,
Enforcement Authority ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HITECH Act ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI
In December 2018, twelve state Attorneys General ("AGs") jointly filed suit against Medical Informatics Engineering, Inc. (“MIE”) claiming it violated the Health Insurance Portability and Accountability Act and its related...more
2/8/2019
/ Data Breach ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
Regulatory Violations ,
Risk Management ,
Security Rule
Health care organizations’ lack of compliance with the data privacy and security requirements of both state laws and the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security and Breach Notification...more
1/3/2019
/ Breach Notification Rule ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Electronic Medical Records ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Hospital Mergers ,
PHI ,
Popular ,
Privacy Rule
On May 29, 2018, Colorado Governor John Hickenlooper signed changes to Colorado law that significantly increase potential data breach burdens and financial penalties on entities operating in Colorado.1 Beginning September 1,...more
8/1/2018
/ Confidential Information ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
New Legislation ,
PHI ,
Popular ,
State and Local Government