Recent developments at the federal and state level demonstrate that regulators are focused on protecting consumer health data. Specifically, state and federal regulators want to close the gap between HIPAA-protected data and...more
7/21/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
Electronic Medical Records ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach Notification Rule ,
Personally Identifiable Information ,
PHI ,
Privacy Laws ,
State Privacy Laws
The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently submitted two annual reports to Congress setting forth a summary of complaints and breaches reported to the OCR during...more
2/22/2023
/ Breach Notification Rule ,
Civil Monetary Penalty ,
Compliance ,
Corrective Action Plans (CAPs) ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
NIST ,
OCR ,
PHI ,
Risk Management
The federal Department of Health and Human Services (HHS) issued guidance on the applicability of HIPAA to COVID-19 vaccination information, directly addressing a number of misconceptions about when HIPAA does, or does not,...more
On January 14, 2021, the U.S. Court of Appeals for the Fifth Circuit vacated the civil monetary penalty (CMP) imposed by the Department of Health and Human Services (HHS) against the University of Texas M.D. Anderson Cancer...more
On January 19, 2021, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Enforcement Discretion (Notice) announcing that it will not impose penalties for...more
1/26/2021
/ Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Encryption ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Privacy Settings ,
Public Health Emergency ,
Vaccinations
On December 10, 2020, the Department of Health and Human Services, Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) to revise the HIPAA Privacy Rule. The proposed revisions to the Privacy Rule seek...more
In 2020, the Office for Civil Rights (OCR) kept the promise it made the prior year to “vigorously enforce” the rights of patients to access and exercise control over their medical records. OCR has settled ten “right of...more
12/11/2020
/ Billing ,
Corrective Action Plans (CAPs) ,
Fees ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
OCR ,
PHI ,
Proposed Rules ,
Right of Access ,
Settlement
The coronavirus (provisionally named SARS-CoV-2, with its disease being named COVID-19) has now been documented in more than 100 countries and territories. Over 120,000 cases have now been documented across the globe,...more
On June 26, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued two new FAQs that clarify:
The parameters around covered entities sharing protected health information (PHI) for a...more
On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more
5/31/2019
/ Business Associates ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Liability ,
OCR ,
Personally Identifiable Information ,
PHI
On December 12, 2018, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), requested public comments on potential changes to the Health Insurance Portability and Accountability Act’s...more
12/19/2018
/ Comment Period ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
OCR ,
PHI ,
Public Comment ,
Request For Information