1. What's Changed? The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued new and updated Frequently Asked Questions (FAQs) interpreting the HIPAA Privacy Rule. These additions align with...more
What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more
6/5/2025
/ Data Breach ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
HIPAA Security Rule ,
HIPAA Violations ,
OCR ,
PHI ,
Ransomware ,
Risk Management ,
Settlement
On January 23, 2020, the United States District Court for the District of Columbia declared sections of the 2013 Omnibus Rule unlawful. The Court found that the Department of Health and Human Services (HHS) impermissibly...more
2/5/2020
/ Administrative Procedure Act ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
EHR ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Access Request ,
HIPAA Omnibus Rule ,
HITECH Act ,
Lack of Authority ,
Notice and Comment ,
PHI ,
Popular ,
Third-Party Rights ,
Unlawful Policies ,
Vendors
The HIPAA Breach Notification Rule requires covered entities to notify the Secretary of the Department of Health and Human Services (HHS) if a breach of unsecured protected health information (PHI) is discovered. As most...more