Last fall at the Safeguarding Health Information: Building Assurance Through HIPAA Security 2024 conference, U.S. Department of Health & Human Services Office for Civil Rights (OCR) promised that before year’s end, it would...more
12/31/2024
/ Compliance ,
Data Breach ,
Electronic Protected Health Information (ePHI) ,
Food and Drug Administration (FDA) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
Multi-Factor Authentication ,
OCR ,
Proposed Amendments ,
Proposed Rules ,
Ransomware
Preventing discrimination and bias in connection with the use of artificial intelligence (AI) in health care are among the principal current focuses of U.S. Department of Health and Human Services (HHS) and were included in...more
As we reflect on the flurry of activity in the health care data privacy and security space in 2023 and look ahead to what will continue to be a busy 2024, we are seeing the early stages of federal agency movement to align the...more
1/26/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Healthcare ,
HIPAA Privacy Rule ,
Information Blocking Rules ,
Mental Health ,
Notice of Proposed Rulemaking (NOPR) ,
OCR ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
Request For Information ,
SAMHSA ,
Substance Abuse ,
Transparency
The U.S. Department of Health and Human Services (HHS) released a concept paper on December 6, 2023 outlining its action plan to enhance cyber resiliency in the health care sector by proposing certain voluntary cybersecurity...more
The Office for Civil Rights (OCR) recently offered covered entities and business associates (Regulated Entities) not-so-subtle reminders in its October 2023 Cybersecurity Newsletter that effective sanction policies can...more
10/23/2023
/ Audits ,
Business Associates ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Noncompliance ,
OCR ,
Policies and Procedures ,
Sanctions
In response to concerns about the confidentiality of protected health information (PHI) related to reproductive health care less than one year after Dobbs v. Jackson Women’s Health Organization decision, and the prospect of...more
As illustrated by a recent Office for Civil Rights (OCR) settlement with a dental practice, health care entities continue to struggle with how to respond to negative online reviews while maintaining compliance with the HIPAA...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been busy over the past month announcing new enforcement actions and settlement agreements related to violations of the Privacy...more
All players in the health and wellness ecosystem should be following developments around the American Data Privacy and Protection Act (ADPPA). If enacted, the ADPPA would be a watershed in the regulation of the privacy and...more
The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) released a Request for Information (RFI) to obtain industry feedback and inform potential future rulemaking regarding information...more
4/14/2022
/ Civil Monetary Penalty ,
Cybersecurity ,
Cybersecurity Act of 2015 ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
NIST ,
OCR ,
Request For Information ,
Rulemaking Process ,
Social Security Act
While the Office of the National Coordinator for Health Information Technology (ONC) issued the 21st Century Cures Act; Interoperability, Information Blocking, and the ONC Health IT Certification Program (Information Blocking...more