In this episode, Rebecca Schaefer and Martin Folliard discuss cybersecurity threats faced by health care organizations and a new federal research agency initiative to help create security tools to protect the US health care...more
In this episode, Rebecca Schaefer and J.D. Koesters review key components of the recent National Institute of Standards and Technology (NIST) revised publication regarding cybersecurity. They highlight how this resource...more
In this episode, Rebecca Schaefer interviews Gina Bertolini and Desiree Moore about the recent Federal Trade Commission (FTC) policy statement regarding the FTC Health Breach Notification Rule and its applicability to vendors...more
10/7/2021
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Health ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
Mobile Health Apps ,
PHI ,
Policy Statement ,
Vendors
In this week’s episode, Richard Church interviews Rebecca Schaefer about the intersection and blurred line between clinical research and quality initiatives. The presenters discuss what factors to consider when defining...more
INTRODUCTION - On 10 December 2020, the Office of Civil Rights (OCR) for the federal Department of Health and Human Services (the Department) issued Proposed Modifications to the HIPAA Privacy Rule to Support, and Remove...more
In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more
8/20/2020
/ Business Associates ,
Business Associates Agreement (BAA) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Encryption ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Hospitals ,
OCR ,
Parent Corporation ,
PHI ,
Policies and Procedures ,
Settlement Agreements ,
Third-Party Service Provider
In the context of an evolving COVID-19 response, there have between two notable regulatory developments relating to the Health Insurance Portability and Accountability Act (“HIPAA”) since the guidance issued by the Department...more
The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more
5/9/2019
/ Civil Monetary Penalty ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Interim Final Rules (IFR) ,
Patient Privacy Rights
Hospitals and health systems play a central role in helping to address the opioid crisis. Even before increased national attention, hospitals were developing policies, protocols, and procedures for opioid prescribing best...more