The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), which enforces HIPAA, recently announced a new enforcement initiative, the Risk Analysis Initiative, in conjunction with OCR’s seventh...more
On August 1, 2024, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced the imposition of a civil monetary penalty (“CMP”) of $115,200 collected against American Medical Response...more
In this episode, AGG Women in Tech Law attorneys Jackie Cooney, Madison Pool, and Michelle Davis discuss the intersection of AI and healthcare, focusing on how providers can effectively deploy AI tools while navigating the...more
Recently, the United States Department of Health and Human Services (“HHS”), Centers for Medicare & Medicaid Services (“CMS”), and Office of the National Coordinator for Health Information Technology (“ONC”) announced the...more
7/5/2024
/ Centers for Medicare & Medicaid Services (CMS) ,
Critical Access Hospitals ,
Department of Health and Human Services (HHS) ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Facilities ,
Hospitals ,
Information Blocking Rules ,
Medicare ,
MIPS ,
OIG ,
ONC
The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) recently released a revised version of its guidance titled “Use of Online Tracking Technologies by HIPAA Covered Entities and Business...more
Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...more
3/21/2024
/ Compliance ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Popular ,
Risk Management
The U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) recently announced its 46th settlement under its Right of Access Initiative since it was initially launched in 2019. Allegations in the recent...more
The U.S. Department of Health and Human Services, Office of Inspector General (“OIG”) recently published a new resource titled General Compliance Program Guidance (“GCPG”), which is described as a reference guide for the...more
The U.S. Department of Health and Human Services (“HHS”) on October 30, 2023, issued a Notice of Proposed Rulemaking (“NPRM”) to establish penalties for healthcare providers found to have committed information blocking. This...more
11/9/2023
/ 21st Century Cures Act ,
Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Information Technologies ,
Information Blocking Rules ,
Medicare ,
NPRM ,
ONC
Summer is in full swing, but the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) is doing anything but taking a vacation from HIPAA. In May and June, OCR issued five resolution agreements...more
A popular saying is that it takes 21 days to form a habit and about 66 days on average for a behavior to become automatic. If that is correct, the three-year period of unprecedented waivers and flexibilities in the provision...more
With 2023 underway, healthcare providers and other “covered entities,” as defined under the Health Insurance Portability and Accountability Act (“HIPAA”), should be mindful of the upcoming annual reporting deadline for small...more
Recently, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced three more resolution agreements settling alleged violations of the HIPAA right of access. These agreements bring...more
In recent weeks, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced 12 resolution agreements settling alleged violations of the HIPAA rules. Covered entities and business...more
Enforcement Actions -
In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more
HIPAA-covered entities should note the quickly approaching March 1, 2022 deadline for reporting breaches of unsecured protected health information that occurred in 2021 and involved fewer than 500 individuals. This article...more
1/26/2022
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
Patient Privacy Rights ,
PHI ,
Reporting Requirements
On Friday, September 17, 2021, the Department of Justice announced criminal charges against 138 defendants, consisting of 42 doctors, nurses, and other medical professionals in 31 federal districts across the United States....more
The U.S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) recently updated its 2021 Work Plan in January to include audits of Medicare Part B and home health telehealth services by OIG’s Office...more
2020 was an active year for HIPAA regulatory activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). In this article, we take a look at some of the HIPAA highlights from 2020 and...more
As the end of 2020 approaches, the melody to “Auld Lang Syne” inevitably comes to mind. The meaning of this song is particularly appropriate as we consider what will stay, and what will pass when it comes to telehealth in...more
In a flurry of recent activity, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced eight resolution agreements since September 15, 2020. These resolution agreements settle...more
In response to the COVID-19 pandemic, the Centers for Medicare and Medicaid Services (CMS) has issued numerous telehealth waivers and flexibilities aimed at alleviating burdens for health care providers and facilitating the...more
On March 20, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) issued guidance in the form of FAQs in follow up to its Notification of Enforcement Discretion for good faith provision of...more
In this update, we incorporate information on waivers of penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of...more
After a quiet start, 2019 developed into another active enforcement year for HIPAA, with a notable flurry of activity in the last three months of 2019....more