The U.S. Department of Health and Human Services Centers for Medicare and Medicaid Services and Office of the Secretary (collectively, HHS) released on May 6, 2024, the agencies' Final Rule governing the implementation of...more
5/13/2024
/ Affordable Care Act ,
Anti-Discrimination Policies ,
Compliance ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance ,
Non-Discrimination Rules ,
Notice Requirements ,
Policies and Procedures ,
Section 1557
On April 6, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking public comment on "recognized security practices" and on sharing civil...more
4/11/2022
/ Business Associates ,
Civil Monetary Penalty ,
Covered Entities ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
NIST ,
OCR ,
Policies and Procedures ,
Public Comment
On January 23, 2020, the United States District Court for the District of Columbia declared sections of the 2013 Omnibus Rule unlawful. The Court found that the Department of Health and Human Services (HHS) impermissibly...more
2/5/2020
/ Administrative Procedure Act ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
EHR ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Access Request ,
HIPAA Omnibus Rule ,
HITECH Act ,
Lack of Authority ,
Notice and Comment ,
PHI ,
Popular ,
Third-Party Rights ,
Unlawful Policies ,
Vendors
Organizations that meet the definition of "covered entity" under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) must be diligent to maintain the privacy and security...more
4/23/2019
/ Business Associates ,
Covered Entities ,
Cyber Insurance ,
Data Breach ,
Data Privacy ,
Data Security ,
Data Use Policies ,
Electronic Protected Health Information (ePHI) ,
Employee Training ,
Encryption ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Long Term Care Facilities ,
Long-Term Care ,
OCR ,
Passwords ,
Patient Privacy Rights ,
Patients ,
Phishing Scams ,
Popular ,
Portable Devices ,
Risk Assessment
The HIPAA Breach Notification Rule requires covered entities to notify the Secretary of the Department of Health and Human Services (HHS) if a breach of unsecured protected health information (PHI) is discovered. As most...more