There has been a notable emphasis on proactive enforcement of the privacy and security of protected health information in recent weeks as evidenced by multiple developments regarding compliance with the Health Insurance...more
On April 6, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking public comment on "recognized security practices" and on sharing civil...more
4/11/2022
/ Business Associates ,
Civil Monetary Penalty ,
Covered Entities ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
NIST ,
OCR ,
Policies and Procedures ,
Public Comment
On January 23, 2020, the United States District Court for the District of Columbia declared sections of the 2013 Omnibus Rule unlawful. The Court found that the Department of Health and Human Services (HHS) impermissibly...more
2/5/2020
/ Administrative Procedure Act ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
EHR ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Access Request ,
HIPAA Omnibus Rule ,
HITECH Act ,
Lack of Authority ,
Notice and Comment ,
PHI ,
Popular ,
Third-Party Rights ,
Unlawful Policies ,
Vendors
The HIPAA Breach Notification Rule requires covered entities to notify the Secretary of the Department of Health and Human Services (HHS) if a breach of unsecured protected health information (PHI) is discovered. As most...more