Marcy Wilder on Health Care Providers

New California laws impact uses of AI by health care providers, insurers, and vendors

Recent actions by state and federal lawmakers are trending toward increased regulation and oversight of uses of AI in health care. From patient communications to medical necessity determinations and more, legislators and...more

10/29/2024 / Artificial Intelligence , Centers for Medicare & Medicaid Services (CMS) , Department of Health and Human Services (HHS) , Health Care Providers , Machine Learning , Physicians

HHS final rule requires HIPAA compliance changes for reproductive health care information

The HIPAA Privacy Rule has been modified by the US Department of Health and Human Services (HHS) to increase privacy protections for reproductive health care information. These changes, which will take effect in early 2026,...more

4/26/2024 / Data Privacy , Department of Health and Human Services (HHS) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Reproductive Healthcare Issues

HHS OCR creates new HIPAA enforcement arm and enhances focus on cybersecurity and privacy oversight

This week the U.S. Department of Health and Human Services, the agency responsible for HIPAA enforcement, announced the formation of three new divisions within the Office for Civil Rights (“OCR”). The new divisions –...more

3/2/2023 / Cybersecurity , Data Breach , Data Privacy , Data Security , Department of Health and Human Services (HHS) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR

On notice: Proposed changes to SUD rules may alter HIPAA notice of privacy practices requirements

HIPAA covered entities will be required to change their HIPAA Notices of Privacy Practices (NPPs) if a recent proposed rule by the US Department of Health and Human Services is finalized. The Proposed Rule is designed to...more

12/22/2022 / Covered Entities , Department of Health and Human Services (HHS) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Privacy Rule , Substance Abuse

HHS seeks comment by June 6 on recognized security practices as mitigating factor in HIPAA enforcement

The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more

4/19/2022 / Cybersecurity , Department of Health and Human Services (HHS) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HITECH Act , NIST , OCR , Public Comment , Request For Information

FTC emphasizes expectations around the health breach notification rule

The Federal Trade Commission (FTC) recently has signaled its intent to inject new life into a longstanding but rarely triggered rule governing health breach notifications for non-HIPAA-covered health records. Specifically,...more

2/28/2022 / Breach Notification Rule , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Digital Health , Federal Trade Commission (FTC) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Popular

FTC reinforces breach notification duties for health apps and connected health and wellness devices

A new Policy Statement from the US Federal Trade Commission places companies that offer consumer-facing health apps and connected health and wellness devices on notice that they may be covered by a Health Breach Notification...more

10/6/2021 / American Recovery and Reinvestment Act , Application Programming Interface (APIs) , Breach Notification Rule , Cybersecurity , Data Breach , Data Privacy , Department of Health and Human Services (HHS) , Federal Trade Commission (FTC) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Mobile Health Apps , Policy Statement , Popular

NIST seeks public comment to inform updates to HIPAA Security Rule guidance

The National Institute of Standards and Technology (NIST) is seeking public comment as it prepares to update its Introductory Resource Guide on implementing the Health Insurance Portability and Accountability Act (HIPAA)...more

5/17/2021 / Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Security Rule , NIST , Public Comment

Fifth Circuit Vacates $4.3M Penalty Against MD Anderson Related to Data Losses - Challenge to Civil Money Penalties Imposed by HHS...

There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more

2/2/2021 / Data Breach , Data Security , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Privacy Rule , OCR , Patient Privacy Rights

HHS proposes changes to key provisions of the HIPAA Privacy Rule

HIPAA Privacy Rule changes that have the potential to significantly impact patients, covered entities, and business associates were proposed by the Department of Health and Human Services (HHS) in a Notice of Proposed...more

12/22/2020 / 21st Century Cures Act , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Healthcare Reform , HIPAA Privacy Rule , Right of Access

OCR Provides Insight into Enforcement Priorities and Breach Trends

Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and...more

10/22/2019 / Cyber Attacks , Cybersecurity , Cybersecurity Framework , Data Breach , Department of Health and Human Services (HHS) , Electronic Medical Records , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach , Information Technology , NIST , OCR , Personally Identifiable Information , PHI , Right of Access , Risk Assessment

HIPAA Penalty Caps to Be Reduced and Tied to Culpability Level

In a dramatic turn, the US Department of Health and Human Services (HHS) has announced that effective immediately, penalties for many HIPAA violations will be subject to substantially reduced limits. ...more

4/30/2019 / Data Breach , Department of Health and Human Services (HHS) , Electronic Medical Records , Electronic Protected Health Information (ePHI) , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach , HITECH Act , Penalties

Recap of the OCR/NIST Conference on Safeguarding Health Information

Regulators provided key insights into enforcement trends and potential changes to HIPAA regulations at the 11th Annual “Safeguarding Health Information: Building Assurance Through HIPAA Security” conference in October...more

11/19/2018 / Cybersecurity , Data Protection , Electronic Medical Records , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , NIST , OCR , Personally Identifiable Information , PHI , Security Risk Assessments

How the U.S. Healthcare Sector Can Prepare for and Harden Its Systems Against Cyberattack

“The number one issue on the minds of many CEOs and boards is cyberattacks and data breaches,” said Hogan Lovells partner Marcy Wilder. In this hoganlovells.com interview, Wilder discusses three key things health sector...more

8/7/2017 / Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Hackers , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach , Information Technology , Personally Identifiable Information , Ransomware , Risk Management

Marcy Wilder

Hogan Lovells

Popular Topics by This Author

Latest Posts › Health Care Providers