Jennifer Urban

Jennifer Urban

Foley & Lardner LLP

Contact
View Bio
RSS

Latest Posts › Department of Health and Human Services (HHS)

Share:

HIPAA Breaches and Compliance: Key Findings & Lessons Learned from OCR’s Reports to Congress

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently submitted two annual reports to Congress setting forth a summary of complaints and breaches reported to the OCR during...more

2/22/2023  /  Breach Notification Rule , Civil Monetary Penalty , Compliance , Corrective Action Plans (CAPs) , Cybersecurity , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach , NIST , OCR , PHI , Risk Management

HHS Requests Comments on HIPAA/HITECH Act: Recognized Security Practices & Methodologies to Compensate Harmed Individuals

On April 4, 2022, the U.S. Department of Health and Human Services (HHS) released a Request for Information (RFI) seeking input from HIPAA-covered entities and business associates on how the industry understands and is...more

4/12/2022  /  Civil Monetary Penalty , Cybersecurity , Department of Health and Human Services (HHS) , Health Insurance Portability and Accountability Act (HIPAA) , HITECH Act , NIST , Request For Information

HIPAA: Top 5 Takeaways as HHS Addresses Misconceptions on Applicability to COVID-19 Vaccination Information

The federal Department of Health and Human Services (HHS) issued guidance on the applicability of HIPAA to COVID-19 vaccination information, directly addressing a number of misconceptions about when HIPAA does, or does not,...more

10/5/2021  /  Coronavirus/COVID-19 , Department of Health and Human Services (HHS) , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Privacy Rule , PHI , Vaccinations

Appeals Court Vacates HIPAA Penalty Imposed Against M.D. Anderson

On January 14, 2021, the U.S. Court of Appeals for the Fifth Circuit vacated the civil monetary penalty (CMP) imposed by the Department of Health and Human Services (HHS) against the University of Texas M.D. Anderson Cancer...more

1/29/2021  /  Appellate Courts , Civil Monetary Penalty , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Insurance Portability and Accountability Act (HIPAA) , HITECH Act , Penalties , PHI , Vacated

OCR Relaxes Enforcement on Providers Using Scheduling Apps for COVID-19 Vaccinations

On January 19, 2021, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Enforcement Discretion (Notice) announcing that it will not impose penalties for...more

1/26/2021  /  Coronavirus/COVID-19 , Department of Health and Human Services (HHS) , Encryption , Enforcement , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI , Privacy Settings , Public Health Emergency , Vaccinations

Key Findings & Takeaways from OCR HIPAA Audit Findings

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more

1/15/2021  /  Audits , Covered Entities , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach Notification Rule , HIPAA Privacy Rule , Notice of Privacy Practices , Notice of Proposed Rulemaking (NOPR) , OCR , Right of Access , Risk Management , Security Risk Assessments

Proposed Modifications to HIPAA Expands Individual Access Rights and Encourages Further Sharing of PHI for Care Coordination

On December 10, 2020, the Department of Health and Human Services, Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) to revise the HIPAA Privacy Rule. The proposed revisions to the Privacy Rule seek...more

12/14/2020  /  Department of Health and Human Services (HHS) , Disclosure Requirements , Health Insurance Portability and Accountability Act (HIPAA) , Notice of Privacy Practices , Notice of Proposed Rulemaking (NOPR) , OCR , PHI , Proposed Amendments , Right of Access

COVID-19: Privacy and Cybersecurity Regulatory and Enforcement Guidance

As industry continues to adapt to the evolving realities of shelter-in-place orders, companies face challenges in supporting an unprecedented remote workforce while balancing compliance with a variety of regulatory agencies....more

4/9/2020  /  Business Interruption , California Consumer Privacy Act (CCPA) , Coronavirus/COVID-19 , Cybersecurity , Data Privacy , Data Protection , Department of Health and Human Services (HHS) , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , Regulatory Standards , Remote Working , Small Business , State of Emergency

HIPAA: OCR Releases New FAQs Clarifying Disclosures Amongst Covered Entities

On June 26, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued two new FAQs that clarify: The parameters around covered entities sharing protected health information (PHI) for a...more

6/28/2019  /  Covered Entities , Department of Health and Human Services (HHS) , Disclosure , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI

OCR Clarifies Direct Liability for Business Associates under HIPAA

On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more

5/31/2019  /  Business Associates , Data Protection , Department of Health and Human Services (HHS) , Electronic Medical Records , Enforcement , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Liability , OCR , Personally Identifiable Information , PHI

DHHS Releases Guidance on Managing Cybersecurity Threats in the Health Care Sector

The U.S. Department of Health and Human Services (DHHS) recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). DHHS states that the purpose of the HICP is to: 1. Raise...more

1/15/2019  /  Cybersecurity , Department of Health and Human Services (HHS) , Health Care Providers , Health Industry Cybersecurity Practices (HICP) , Patient Privacy Rights , Risk Mitigation

Happy New Year! Potential Changes to HIPAA Requirements on the Horizon

On December 12, 2018, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), requested public comments on potential changes to the Health Insurance Portability and Accountability Act’s...more

12/19/2018  /  Comment Period , Cybersecurity , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Privacy Rule , OCR , PHI , Public Comment , Request For Information
12 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide