After a quiet start, 2019 developed into another active enforcement year for HIPAA, with a notable flurry of activity in the last three months of 2019....more
On September 9, 2019, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced the first enforcement action and settlement in its Right of Access Initiative (the “Initiative”). ...more
In its second HIPAA resolution agreement of 2019, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) again emphasizes the importance of compliance with the HIPAA Security Rule and of both timely...more
After a relatively slow first six months, 2018 turned into an active year for HIPAA enforcement, with the Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR) announcing the largest-ever HIPAA...more
On February 13, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its settlement with Filefax, Inc. to resolve alleged violations of the HIPAA Privacy Rule. Filefax was a...more
In recent years, the CFPB has struck fear into the C-suites of financial services companies. The agency was extraordinarily active in rulemaking that addresses every aspect of lending, prepaid cards and arbitration clauses in...more
1/17/2018
/ Civil Investigation Demand ,
Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Department of Labor (DOL) ,
Employer Liability Issues ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Popular ,
Sexual Harassment ,
Tax Cuts and Jobs Act ,
Tax Reform ,
Wage and Hour
With the announcements from OCR of three resolution agreements and one civil money penalty as of mid-February, OCR is off to a record start for HIPAA enforcement in 2017, with double the announcements as the same time last...more
With OCR’s recent announcement of its first enforcement action for lack of timely breach notification and its increased focus on small breaches, the upcoming annual reporting deadline for small breaches takes on increased...more
The Office for Civil Rights within the U.S. Department of Health and Human Services (OCR) recently announced that it has increased its review of breaches of protected health information affecting fewer than 500 individuals....more
HHS Office for Civil Rights (OCR) recently issued guidance addressing its approach to the 2016 Phase II HIPAA Desk Audits. In its announcement of the guidance, OCR emphasized the broader applicability of these resources...more
On July 11, 2016, e-mail notification was sent to 167 covered entities alerting them of their inclusion in the desk audit portion of OCR’s 2016 HIPAA audit program. Selected covered entities must respond no later than July...more
Through a series of releases in the first half of 2016, HHS Office for Civil Rights (“OCR”) issued guidance on the individual right of access to protected health information (“PHI”) provided under HIPAA. One topic with...more
On March 21, 2016, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the beginning of Phase 2 of its HIPAA audits of covered entities and their business associates. Per the OCR...more