On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more
11/13/2024
/ Business Associates ,
Compliance ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
NIST ,
NPRM ,
OCR ,
PHI ,
Professional Conferences ,
Right of Access ,
Risk Assessment ,
Risk Management
Late on March 27, Change Healthcare (CHC)’s parent company, UnitedHealth Group (UHG), provided an update on its analysis of the extent of “impacted data” involved in the CHC incident....more
BakerHostetler is closely monitoring imminent cybersecurity threats to healthcare revenue cycle management personnel and vendors.
Most recently, Change Healthcare (CHC), a healthcare technology and business management...more
2/26/2024
/ Breach Notification Rule ,
Business Associates ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Technology ,
Popular ,
Technology ,
Third-Party Service Provider
More than eight months into the Biden administration, the U.S. Department of Health & Human Services (HHS) announced the appointment of Lisa J. Pino as the new director of the Office for Civil Rights (OCR) on Sept. 27, 2021....more
The United States Court of Appeals for the Fifth Circuit recently found that the United States Department of Health and Human Services (HHS) lacked a lawful basis for a $4.3 million civil money penalty order that it issued to...more
On January 5, 2021, H.R. 7898 was signed into law with little fanfare, thereby amending the Health Information Technology for Economic and Clinical Health Act. As the healthcare industry continues to serve as one of the top...more
On Monday, the U.S. Department of Health and Human Services (HHS) issued what it calls “transformative” rules that will govern how healthcare providers, insurers and technology vendors must design their systems to give...more
In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus...more
Several weeks ago, South Dakota and Alabama became the final two states to enact data breach notification laws. The Alabama Data Breach Notification Act of 2018 takes effect on May 1, 2018, and imposes information security,...more