The U.S. Department of Health and Human Services (HHS) has issued a Notice of Proposed Rulemaking (NPRM) that strengthens the Security Rule of the Health Insurance Portability and Accountability Act (HIPAA), which, if...more
The U.S. Department of Health and Human Services (HHS) has issued an unpublished Notice of Proposed Rulemaking (NPRM) that strengthens the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and, if...more
1/2/2025
/ Business Associates ,
Comment Period ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Facilities ,
HIPAA Security Rule ,
NPRM ,
OCR
Access to quality healthcare services has long been a priority of the U.S. Department of Health and Human Services (HHS), and through its Office for Civil Rights (OCR) this agency has, since at least 2001, sought to provide...more
12/18/2024
/ Affordable Care Act ,
Age Discrimination ,
Biden Administration ,
Bostock v Clayton County Georgia ,
Centers for Medicare & Medicaid Services (CMS) ,
Data-Sharing ,
Dear Colleague Letter ,
Department of Health and Human Services (HHS) ,
Executive Orders ,
Final Rules ,
Health Care Providers ,
Medicare ,
Non-Discrimination Rules ,
OCR ,
Patient Access ,
PHI ,
Private Right of Action ,
Regulatory Authority ,
Rehabilitation Act ,
Title IV ,
Title IX
In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more
12/4/2024
/ Business Associates ,
Compliance ,
Compliance Dates ,
Covered Entities ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
NIST ,
OCR ,
PHI ,
Privacy Laws ,
Reproductive Healthcare Issues ,
Security and Privacy Controls
President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more
10/31/2024
/ Artificial Intelligence ,
Biden Administration ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Enforcement ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Facilities ,
Incident Response Plans ,
Internet of Things ,
Medical Devices ,
NIST ,
OCR ,
Popular ,
Ransomware ,
Security and Privacy Controls ,
Technical Conference
A recent federal court decision is a victory for Health Insurance Portability and Accountability Act (HIPAA) covered entities using third-party tracking tools on unauthenticated webpages. These are websites available to the...more
6/26/2024
/ American Hospital Association et al v Becerra Secretary Of Health And Human Services et al ,
Business Associates ,
Covered Entities ,
Federal Trade Commission (FTC) ,
Final Judgment ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
IP Addresses ,
Judicial Review ,
OCR ,
PHI ,
Regulatory Authority ,
Warning Letters ,
Web Tracking ,
Websites
After months of uncertainty and multiple letters from industry associations advocating on behalf of the healthcare industry with the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR), covered...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more
5/14/2024
/ Audits ,
Business Associates ,
Compliance ,
Covered Entities ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
HITECH Act ,
OCR ,
PHI ,
Popular ,
Ransomware ,
Risk Assessment ,
Web Tracking
In the midst of an industry reeling from the Change Healthcare cybersecurity incident, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a series of final rules requiring...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued updated guidance on March 18, 2024 regarding the use of online tracking technologies by entities and business associates covered by the...more
3/19/2024
/ Business Associates ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Enforcement ,
Enforcement Priorities ,
Guidance Update ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
OCR ,
PHI ,
Tracking Systems ,
Web Tracking ,
Websites
Hospitals care about patient privacy, but they also have to connect with the public. In the real world, people mostly connect online. Having a fully functional online presence often requires help from third parties. ...more
11/8/2023
/ American Hospital Association ,
Business Associates ,
Class Action ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
OCR ,
PHI ,
Third-Party Service Provider ,
Tracking Systems ,
Web Tracking
Providing care via electronic communication when patients and providers are in separate locations, known as telemedicine or telehealth, has been possible for decades. The exigent circumstances sparked by the COVID-19 pandemic...more
For years, patients and healthcare companies have been wrestling with privacy issues relating to cookies, pixels and other tracking technologies. The U.S. Department of Health and Human Services' (HHS) Office of Civil Rights...more
12/5/2022
/ Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Guidance ,
OCR ,
Personally Identifiable Information ,
PHI ,
Popular ,
Tracking Systems ,
Web Tracking
Telehealth has been around for decades, but restrictive reimbursement rules kept it out of widespread use for many treatment needs. Then along came the COVID-19 pandemic and everything changed rapidly. Suddenly, due to the...more
10/5/2022
/ Compliance ,
Coronavirus/COVID-19 ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
GAO ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Reports ,
Medical Reimbursement ,
OCR ,
Patient Privacy Rights ,
Telehealth ,
Telemedicine
Privacy revisions under the Health Insurance Portability and Accountability Act (HIPAA) may be on the horizon, with some potential changes that could benefit both patients and the healthcare industry. Other changes, if...more
12/11/2020
/ Comment Period ,
Department of Health and Human Services (HHS) ,
EHR ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
NPRM ,
OCR ,
Patient Privacy Rights ,
PHI ,
Proposed Rules ,
Right of Access
Healthcare providers face a dilemma when patients post complaints or make other statements on social media. Just because a patient has made certain information public does not mean that the provider can also post protected...more
10/9/2019
/ Corporate Fines ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Online Reviews ,
PHI ,
Social Networks ,
Yelp
The federal Department of Health and Human Services' Office for Civil Rights, which enforces HIPAA, maintains a website with very helpful "frequently asked questions" (FAQs) regarding the HIPAA Privacy Rule and Security Rule....more
4/23/2019
/ App Developers ,
Covered Entities ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
EHR ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Mobile Apps ,
New Guidance ,
OCR
The Department of Health and Human Services' Office for Civil Rights (OCR) has issued a Request for Information, which is scheduled for publication in the Federal Register on Dec. 14, 2018. OCR is asking the public to provide...more
12/12/2018
/ Comment Period ,
Data Privacy ,
Data Security ,
Federal Register ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
OCR ,
PHI ,
Privacy Policy ,
Public Comment ,
Regulatory Agenda ,
Regulatory Burden ,
Request For Information ,
Value-Based Care
Another government settlement demonstrates that not having a HIPAA compliance program can be costly. U.S. Department of Health and Human Services (HHS)'s Office for Civil Rights (OCR) announced, on Dec. 4, 2018, that Advanced...more
12/6/2018
/ Corrective Actions ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
OCR ,
Policies and Procedures ,
Regulatory Oversight ,
Risk Management ,
Settlement Agreements
Under HIPAA, patients have a right to information about certain disclosures, referred to as an accounting. Under the current iteration of the regulations, covered entities and business associates need not account for...more
5/15/2018
/ Accounting ,
Advanced Notice of Proposed Rulemaking (ANPRM) ,
Business Associates ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Disclosure ,
Electronic Medical Records ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
OCR ,
Patient Rights ,
Proposed Rules ,
Recordkeeping Requirements
Timely Topics -
By Shannon B. Hartsfield -
The U.S. Department of Health and Human Services (HHS) announced on Jan. 18, 2018, the creation of a new division within its Office for Civil Rights (OCR). OCR is described as...more
1/29/2018
/ Abortion ,
Affordable Care Act ,
Appeals ,
Assisted Suicide ,
BOLI ,
Breach of Contract ,
Catholic Church ,
Charter Schools ,
Church Plans ,
Churches ,
Contraceptive Coverage Mandate ,
Defamation ,
Department of Health and Human Services (HHS) ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Establishment Clause ,
Executive Orders ,
Federal Funding ,
Federal Housing Administration (FHA) ,
Fees ,
First Amendment ,
Fourteenth Amendment ,
Freedom of Religion ,
Hospitals ,
Injunctive Relief ,
Interim Final Rules (IFR) ,
Internet ,
Medicaid ,
New Guidance ,
Nonprofits ,
OCR ,
Preliminary Injunctions ,
Priests ,
Proposed Rules ,
Public Accommodation ,
Public Health Service Act ,
Race Discrimination ,
Religious Discrimination ,
Religious Exemption ,
Religious Freedom Restoration Act (RFRA) ,
Religious Institutions ,
Religious Schools ,
Retirement Plan ,
RLUIPA ,
Same-Sex Marriage ,
Sexual Conduct ,
Sexual Orientation Discrimination ,
Summary Judgment ,
Trump v Hawaii ,
USCIS ,
Vetting
Medicaid -
Florida's Medicaid Third-Party Liability Act Pre-empted by Federal Law -
By Eddie Williams -
In Gallardo v. Dudek, Sec. of Florida Agency for Health Care Administration, No. 4:16cv116-MW/CAS, 2017 WL...more
6/7/2017
/ Anti-Kickback Statute ,
Antitrust Violations ,
Department of Health and Human Services (HHS) ,
Department of Justice (DOJ) ,
DSM ,
Enforcement Actions ,
Failure To Warn ,
False Claims Act (FCA) ,
Federal v State Law Application ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicaid ,
Medicaid Act ,
Misrepresentation ,
Noerr-Pennington Doctrine ,
OCR ,
Patent Infringement ,
Patents ,
Pharmaceutical Industry ,
Pharmacies ,
Preemption ,
Prescription Drugs ,
Sherman Act ,
Stark Law ,
Third-Party Liability ,
Unfair or Deceptive Trade Practices ,
Warning Labels
A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more
Health Insurance Portability and Accountability Act of 1996, as amended, (HIPAA) audits could be right around the corner for self-funded employee health plans. The Department of Health and Human Services' Office for Civil...more
On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more