Report on Research Compliance 20, no. 12 (December 2023)
Although the National Science Foundation (NSF) allowed more than half the costs questioned by auditors for its Office of Inspector General (OIG), the California...more
11/27/2023
/ Audits ,
Compliance ,
Corporate Misconduct ,
Digital Health ,
Fraud ,
Healthcare ,
HHS Office of Research Integrity (ORI) ,
Life Sciences ,
National Science Foundation ,
OIG ,
Research and Development ,
Scientific Research ,
Technology Sector
Report on Patient Privacy 23, no. 11 (November, 2023)
Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more
11/10/2023
/ Compliance ,
Corrective Action Plans (CAPs) ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Recovery ,
Electronic Protected Health Information (ePHI) ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Popular ,
Ransomware ,
Risk Management
Report on Patient Privacy 23, no. 10 (October, 2023)
By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
10/6/2023
/ Compliance ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Privacy Laws ,
Risk Assessment ,
Risk Management
Report on Patient Privacy Volume 23, no 8 (August 2023)
The allegation was shocking and, if true, would devastate the orthopedic surgeon’s reputation.
An online commenter accused him of operating on the wrong arm or...more
8/17/2023
/ Cybersecurity ,
Health Care Providers ,
Healthcare ,
Internet ,
OCR ,
Online Commentary ,
Online Reputation ,
Online Reviews ,
Privacy Concerns ,
Reputation Management ,
Reputational Injury ,
Retaliation ,
Slander
Report on Research Compliance Volume 20, no 8 (August 2023)
With the publication of a rule finalizing financial penalties for grant fraud and related violations of U.S. law, the HHS Office of Inspector General (OIG) has a...more
8/1/2023
/ Department of Health and Human Services (HHS) ,
Enforcement ,
Final Rules ,
Financial Fraud ,
Fines ,
Fraud ,
Fraud and Abuse ,
Grants ,
Health Care Providers ,
Healthcare ,
Information Blocking Rules ,
Medical Research ,
OIG ,
Penalties ,
Research and Development
Report on Patient Privacy Volume 23, no 7 (July 2023)
In two public talks this spring, Melanie Fontes Rainer, director of the HHS Office for Civil Rights (OCR), said completing the 2021 proposed regulation extensively...more
7/17/2023
/ Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
HIPAA Privacy Rule ,
HIPAA Violations ,
Information Blocking Rules ,
Information Technology ,
Investigations ,
OCR ,
Penalties ,
Proposed Regulation ,
Regulatory Requirements
At some point in the future, NIH may halt funding for clinical trials deemed too underpowered to produce meaningful findings or that fail to meet enrollment goals. To do this, the agency would have to adopt so-called...more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR -
As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
6/9/2023
/ Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
File Transfer Protocols (FTP) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Violations ,
OCR ,
PHI ,
Risk Assessment ,
Settlement ,
State Data Breach Notification Statutes ,
Subcontractors
The Council on Governmental Relations (COGR) is sounding an alarm regarding costs institutions have expended to comply with “new and clarified provisions calling for researchers to disclose all sources of research support and...more
11/28/2022
/ Clinical Trials ,
Department of Health and Human Services (HHS) ,
Exports ,
Healthcare ,
HHS Office of Research Integrity (ORI) ,
Life Sciences ,
National Institute of Health (NIH) ,
National Science Foundation ,
Research and Development ,
Scientific Research ,
The Common Rule
Two organizations representing research institutions and integrity officials have called for a virtual rewrite of the regulations that govern misconduct in Public Health Service-funded studies. The Association of Research...more
Report on Patient Privacy Volume 22, Number 11. (November 2022)
Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more
11/14/2022
/ Administrative Law Judge (ALJ) ,
Civil Monetary Penalty ,
Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Violations ,
HITECH Act ,
OCR ,
Patient Privacy Rights ,
PHI ,
Statutory Penalties
NIH is unable to “ensure grants have appropriate cybersecurity provisions” and should make nearly a half-dozen changes, according to auditors for the HHS Office of Inspector General (OIG). Yet, NIH said it had already made...more