AI scribes are quickly becoming the digital sidekick of modern health care. They promise to reduce clinician burnout, streamline documentation, and improve the patient experience. But as health care providers and digital...more
6/10/2025
/ Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Security ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Machine Learning ,
PHI ,
Popular ,
Risk Management
Recognizing the evolving landscape of care delivery and growth of telehealth, the U.S. Department of Health and Human Services (HHS) published a resource guide aimed at assisting telehealth providers in explaining the privacy...more
Florida health care providers and digital health technology platforms should be on alert that a newly passed law requires providers using certified electronic health record technology (CEHRT) to ensure that all patient...more
Session #1: State of the Healthcare Industry Effective Compliance Plans and Enforcement Trends -
In their discussion of compliance program effectiveness and enforcement, attorneys Kolarik and Waltz and Ms. Sumner...more
2/23/2023
/ Centers for Medicare & Medicaid Services (CMS) ,
Compliance ,
Consolidated Appropriations Act (CAA) ,
Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
Dispute Resolution ,
Enforcement ,
Health Care Providers ,
Healthcare ,
Medicaid ,
Medicare ,
Mental Health ,
No Surprises Act (NSA) ,
Physician Fee Schedule ,
Public Health Emergency ,
Risk Assessment
The Federal Trade Commission (FTC) just released a Policy Statement emphasizing how telemedicine and digital health apps can be held accountable under the Health Breach Notification Rule, even if the company is not subject to...more
On January 19, 2021, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Enforcement Discretion (Notice) announcing that it will not impose penalties for...more
1/26/2021
/ Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Encryption ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Privacy Settings ,
Public Health Emergency ,
Vaccinations
The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more
1/15/2021
/ Audits ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
HIPAA Privacy Rule ,
Notice of Privacy Practices ,
Notice of Proposed Rulemaking (NOPR) ,
OCR ,
Right of Access ,
Risk Management ,
Security Risk Assessments
In 2020, the Office for Civil Rights (OCR) kept the promise it made the prior year to “vigorously enforce” the rights of patients to access and exercise control over their medical records. OCR has settled ten “right of...more
12/11/2020
/ Billing ,
Corrective Action Plans (CAPs) ,
Fees ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
OCR ,
PHI ,
Proposed Rules ,
Right of Access ,
Settlement
The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more
4/6/2020
/ Business Associates Agreement (BAA) ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management
The Coronavirus Aid, Relief, and Economic Security Act (CARES Act) passed by the Senate on March 25, 2020 would make fundamental changes to the federal law, 42 U.S.C. § 290dd-2, implemented at 42 C.F.R. Part 2 that governs...more
On December 12, 2019, the Office for Civil Rights (OCR) announced its second enforcement action this year related to an individual’s right to access his/her protected health information (PHI). Korunda Medical, LLC (Korunda)...more
One health system recently learned the cost of relying too heavily on the HIPAA Breach Notification Rule’s “low probability of compromise” standard when it failed to notify all affected individuals and report the HIPAA breach...more
12/5/2019
/ Breach Notification Rule ,
Business Associates ,
Covered Entities ,
Data Breach ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Reporting Requirements ,
Security Risk Assessments ,
Settlement Agreements
Recently proposed changes to the federal regulations governing the confidentiality of substance-use disorder patient records (Part 2) would all but eliminate the most significant and intractable barrier to sharing protected...more
On June 26, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued two new FAQs that clarify:
The parameters around covered entities sharing protected health information (PHI) for a...more
On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more
5/31/2019
/ Business Associates ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Liability ,
OCR ,
Personally Identifiable Information ,
PHI
The U.S. Department of Health and Human Services (HHS) recently proposed two new rules designed to increase patient and provider access to health records. As stated by HHS in its press release, the proposed rules “will...more
2/21/2019
/ Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Exchanges ,
Health Insurance Portability and Accountability Act (HIPAA) ,
MIPS ,
ONC ,
Patient Privacy Rights ,
Proposed Rules ,
Public Comment
The U.S. Department of Health and Human Services (DHHS) recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). DHHS states that the purpose of the HICP is to:
1. Raise...more
With the news of the newest international ransomware campaign that is currently affecting some organizations within the Health Care sector, it is important to not only educate staff on necessary precautions, but also be aware...more