The U.S. District Court for the Northern District of Texas on June 18, 2025, issued an order vacating the HIPAA Privacy Rule to Support Reproductive Health Care Privacy, published on April 26, 2024, which amended the Health...more
6/20/2025
/ Data Privacy ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Judicial Review ,
Patient Privacy Rights ,
PHI ,
Privacy Laws ,
Reproductive Healthcare Issues ,
Statutory Authority ,
Vacated
In the third and final episode of Florida Capital Conversations' healthcare privacy series, Tallahassee attorneys Shannon Hartsfield and Eddie Williams join hosts Nathan Adams and Mia McKown to discuss the challenges of...more
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
5/14/2025
/ Biden Administration ,
Business Associates ,
Covered Entities ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Executive Orders ,
Health Insurance Portability and Accountability Act (HIPAA) ,
International Data Transfers ,
International Emergency Economic Powers Act (IEEPA) ,
National Security ,
New Regulations ,
NIST ,
PHI ,
Regulatory Requirements ,
Sensitive Personal Information ,
Trump Administration
In the first episode of a "Florida Capital Conversations" new healthcare privacy series, Tallahassee healthcare attorneys Shannon Hartsfield and Eddie Williams discuss the evolving landscape of genetic data privacy, focusing...more
In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more
12/4/2024
/ Business Associates ,
Compliance ,
Compliance Dates ,
Covered Entities ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
NIST ,
OCR ,
PHI ,
Privacy Laws ,
Reproductive Healthcare Issues ,
Security and Privacy Controls
Healthcare providers running on thin margins or just seeking new (and in the case of tax-exempt providers, permissible) revenue sources may jump at the chance when third party vendors offer to help them monetize their patient...more
7/22/2024
/ Business Associates ,
Data Privacy ,
Data Security ,
Data Selling ,
De-Identification ,
De-Identified Protected Health Information ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Monetization ,
Penalties ,
PHI ,
Privacy Laws ,
Statutory Violations
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more
5/14/2024
/ Audits ,
Business Associates ,
Compliance ,
Covered Entities ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
HITECH Act ,
OCR ,
PHI ,
Popular ,
Ransomware ,
Risk Assessment ,
Web Tracking
In this episode of our “Florida Capital Conversations” podcast series, healthcare attorneys Mia McKown, Eddie Williams and Shannon Hartsfield discuss how privacy violations can put a healthcare practitioner's license at risk....more
For years, patients and healthcare companies have been wrestling with privacy issues relating to cookies, pixels and other tracking technologies. The U.S. Department of Health and Human Services' (HHS) Office of Civil Rights...more
12/5/2022
/ Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Guidance ,
OCR ,
Personally Identifiable Information ,
PHI ,
Popular ,
Tracking Systems ,
Web Tracking
Telehealth has been around for decades, but restrictive reimbursement rules kept it out of widespread use for many treatment needs. Then along came the COVID-19 pandemic and everything changed rapidly. Suddenly, due to the...more
10/5/2022
/ Compliance ,
Coronavirus/COVID-19 ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
GAO ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Reports ,
Medical Reimbursement ,
OCR ,
Patient Privacy Rights ,
Telehealth ,
Telemedicine
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
1/14/2019
/ Best Practices ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Theft ,
Department of Health and Human Services (HHS) ,
Department of Homeland Security (DHS) ,
Food and Drug Administration (FDA) ,
Hackers ,
Health Care Providers ,
Health Clinics ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Hospitals ,
Information Technology ,
Medical Devices ,
NIST ,
Patient Safety ,
Personally Identifiable Information ,
PHI ,
Phishing Scams ,
Popular ,
Ransomware ,
Risk Mitigation ,
Standard of Care
The Department of Health and Human Services' Office for Civil Rights (OCR) has issued a Request for Information, which is scheduled for publication in the Federal Register on Dec. 14, 2018. OCR is asking the public to provide...more
12/12/2018
/ Comment Period ,
Data Privacy ,
Data Security ,
Federal Register ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
OCR ,
PHI ,
Privacy Policy ,
Public Comment ,
Regulatory Agenda ,
Regulatory Burden ,
Request For Information ,
Value-Based Care
HIPAA and several other privacy laws do not include a private right of action. This is cold comfort for healthcare providers, health plans and other members of the healthcare industry if a patient is able to demonstrate that...more
11/16/2018
/ Appeals ,
Breach of Duty ,
Common Law Torts ,
Data Privacy ,
Department of Corrections ,
Duty of Confidentiality ,
Fiduciary Duty ,
Former Employee ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hiring & Firing ,
Medical Records ,
Negligence ,
Patient Privacy Rights ,
Physicians ,
Privacy Laws ,
Private Right of Action
The Department of Health and Human Services' Office of the Inspector General (HHS OIG) announced a new cybersecurity website on Oct. 9, 2018.
The OIG stated that it has formed a Cybersecurity Team made up of "auditors,...more