News & Analysis as of

Business Associates Personally Identifiable Information Data Breach

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Troutman Pepper Locke

3 Takeaways From Recent Cyberattacks On Healthcare Cos.

Troutman Pepper Locke on

Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more

BCLP

Data Breach Litigation Preparation: What U.S. Laws Apply to Data Breaches?

BCLP on

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 19, Number 11. Privacy Briefs: November 2019

Health Care Compliance Association (HCCA) on

Report on Patient Privacy Volume 19, Number 11. (November 2019) ? The biggest threat to protected health information comes from carelessness within your organization, according to a brief from the Clearwater...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - June 2019

Skadden, Arps, Slate, Meagher & Flom LLP on

In this month's edition of our Privacy & Cybersecurity Update, we reflect on the GDPR's one-year anniversary while also examining the EU's new Cybersecurity Act. We also take a look at HHS' new guidance on direct liability of...more

Ballard Spahr LLP

A Modest HIPAA Settlement

Ballard Spahr LLP on

The Office of Civil Rights of the Department of Health and Human Services (OCR) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health care...more

Sheppard Mullin Richter & Hampton LLP

Cybersecurity, Inside Jobs, Outside Jobs, and HIPAA

Sheppard Mullin Richter & Hampton LLP on

According to a February 12, 2019 Press Release from Protenus, a developer of analytics for patient privacy monitoring and compliance, 15,085,302 patient records were breached in 2018 – a startling number made even more...more

Robinson+Cole Data Privacy + Security Insider

Cottage Health Settles with OCR for $3M

Robinson+Cole Data Privacy + Security Insider on

We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more

Sheppard Mullin Richter & Hampton LLP

Company’s Vendor Suffers Breach, No Business Associate Agreement, $500K OCR Settlement

Sheppard Mullin Richter & Hampton LLP on

A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more

Robinson+Cole Data Privacy + Security Insider

UMass Amherst Settles HIPAA Violations with OCR for $650,000

Robinson+Cole Data Privacy + Security Insider on

The Office for Civil Rights (OCR) has announced that the University of Massachusetts Amherst (UMass) has agreed to settle an investigation against it as a result of a malware infection for $650,000, along with implementing a...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Snell & Wilmer

HIPAA News: HHS Getting Tough On ePHI Data Breaches

Snell & Wilmer on

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more

Skadden, Arps, Slate, Meagher & Flom LLP

"Privacy & Cybersecurity Update - July 2016"

Skadden, Arps, Slate, Meagher & Flom LLP on

In this edition of our Privacy & Cybersecurity Update, we discuss the revised Privacy Shield and what companies should be doing to prepare for the new program, the FTC's reinstatement of its LabMD case, the European...more

Saul Ewing LLP

Seven-Figure Settlement Reinforces Necessity of Business Associate Agreements

Saul Ewing LLP on

On March 16, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced that North Memorial Health Care of Minnesota (“Memorial”) agreed to pay $1.55 million to resolve allegations that...more

Mintz - Health Care Viewpoints

Data-Harvesting Zombie Hackers, Blood-Thirsty Auditors, and Other Reasons to be Scared on Halloween

Mintz - Health Care Viewpoints on

This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more

Morgan Lewis

Final Rules Under HIPAA/HITECH Impact Employer Plans

Morgan Lewis on

Modifications to the rules require action by group health plan sponsors and their vendors, including revisions to policies and procedures and new privacy notices. On January 17, the Office for Civil Rights of the U.S....more

Pullman & Comley, LLC

Why Medical Providers Should Take Caution with Sensitive Information, Especially With Mobile Devices

Pullman & Comley, LLC on

We continue to hear reports of large-scale data breaches that involve the loss or theft of thousands of records containing personally identifiable information of individuals (PII). If such a loss or theft is determined to...more

16 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide