News & Analysis as of July 30, 2025

Department of Health and Human Services (HHS)

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

Former OCR Director Fontes Rainer Reflects On ‘Imperfect’ RSP Law, Urges Final Security Reg

Health Care Compliance Association (HCCA) on 5/12/2025

In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having “recognized security practices” (RSPs) in place. But many more covered...more

Two CMPs and One Settlement Close Out 2024 HIPAA Enforcement

Saul Ewing LLP on 1/9/2025

December 2024 was an active month for the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"). OCR announced (i) a $1.19 million civil monetary penalty ("CMP") against Gulf Coast Pain...more

Biden Administration Finalizes Its Last Changes To Health Data Interoperability and Information Blocking Regulations

Ropes & Gray LLP on 1/8/2025

In December 2024, the Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (“ASTP/ONC”) within the U.S. Department of Health and Human Services (“HHS”) published two...more

HIPAA Reproductive Health Care Amendments: Compliance in an Uncertain Enforcement Landscape

Foley & Lardner LLP on 12/20/2024

The amendments to the HIPAA Privacy Rule designed to protect reproductive health care information (Amendments) are under legal challenge as the compliance date quickly approaches. As discussed in more detail in our...more

HIPAA Reproductive Healthcare Privacy – Recent Settlement Related to Privacy Rule Violation and Reminder of December 2024 Privacy...

King & Spalding on 12/18/2024

Last week, HHS Office of Civil Rights (OCR) announced a settlement with a Pennsylvania provider (the Provider) concerning an alleged violation of the HIPAA Privacy Rule. Specifically, the Provider impermissibly disclosed a...more

End of Year Compliance Updates

King & Spalding on 12/2/2024

On June 25, 2024, the Office for Civil Rights and the U.S. Department of Health and Human Services issued the HIPAA Privacy Rule To Support Reproductive Health Care (the “HIPAA Final Rule”) aimed at strengthening privacy...more

6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference

BakerHostetler on 11/13/2024

On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more

Navigating the Fallout: Essential Insights for Healthcare Companies in Light of the Change Healthcare Cyber Breach

Ankura on 10/7/2024

The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more

Action Items as a Result of HIPAA Privacy Rule Modifications

BCLP on 9/5/2024

On April 22, 2024, the U.S. Department of Health and Human Services (“HHS”) issued new regulations under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) that impose new restrictions on the use and...more

Providers Face HIPAA Compliance Questions After Change Healthcare Cyberattack

ArentFox Schiff on 6/19/2024

Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more

Forecasting the Integration of AI into Health Care Compliance Programs

Robinson+Cole Health Law Diagnosis on 4/12/2024

Health care entities maintain compliance programs in order to comply with the myriad changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial...more

News Briefs: January 8, 2024

Health Care Compliance Association (HCCA) on 2/20/2024

H. Lee Moffitt Cancer Center & Research Institute Hospital Inc. in Tampa, Florida, has agreed to pay $19.564 million to settle false claims allegations over claims submitted to federal health care programs for items and...more

‘An Unknown Individual Walked In’: Protecting Against Telehealth Risks Includes Non-IT Threats

Health Care Compliance Association (HCCA) on 2/9/2024

The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more

Uses, Disclosures, and HIPAA Compliance - Disclosure of Patient Information to News Outlet

Ankura on 1/9/2024

On November 20, 2023, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Saint Joseph’s Medical Center for potential violations of the Health Insurance...more

Report on Research Compliance Volume 20, Number 3. In This Month's E-News: March 2023

Health Care Compliance Association (HCCA) on 2/27/2023

Report on Research Compliance Volume 20, Number 3. February 23, 2023 - The Office of Management and Budget (OMB) is planning to revise the Uniform Administrative Requirements, Cost Principles, and Audit Requirements for...more

New Proposed Part 2 Rules Aim for Greater HIPAA Alignment

Stoel Rives - Health Law Insider® on 2/7/2023

Long before enactment of HIPAA, substance use disorder (“SUD”) treatment records have enjoyed confidentiality protections under 42 C.F.R. Part 2 (“Part 2”). Since HIPAA/HITECH and related regulations went into effect, SUD...more

A HIPAA Privacy Notice A Day Keeps The Doctor Away (And Out Of Trouble)

DarrowEverett LLP on 1/26/2023

The start of 2023 has brought with it significant changes to data privacy – new state laws concerning data privacy came into effect January 1 (the California Privacy Rights Act and the Virginia Consumer Data Protection Act),...more

HHS Bulletin: Covered Entities’ Disclosure of PHI Collected via Online Tracking Technologies Falls under HIPAA

Proskauer on Privacy on 12/14/2022

On December 1, 2022, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a Bulletin to highlight the obligations of HIPAA-covered entities and business associates when using...more

HHS Proposes to Align Federal Substance Use Disorder Law with HIPAA

Foley & Lardner LLP on 11/30/2022

Proposed changes to the federal substance use disorder law will increase provider efficiency and alignment with the Health Insurance Portability and Accountability Act (HIPAA). In a move that seeks to decrease administrative...more

Understanding HIPAA Compliance Can Help Protect Health Care Providers Too

Miles & Stockbridge P.C. on 9/2/2021

It’s no secret that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) exists to protect the privacy of patients and their sensitive health information. However, understanding the importance of HIPAA...more

Report on Medicare Compliance Volume 30, Number 2. News Briefs: January 2021 #2

Health Care Compliance Association (HCCA) on 1/22/2021

Report on Medicare Compliance 30, no. 2 (January 18, 2021) - Recovery audit contractors (RACs) may soon be auditing positron emission tomography (PET) for initial treatment strategy in oncologic conditions for compliance...more

Information Blocking Rule Compliance Date Extended Due to Pandemic

Bradley Arant Boult Cummings LLP on 11/2/2020

The U.S. Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) released an interim final rule on October 29, 2020, delaying the implementation of the...more

Report on Medicare Compliance Volume 29, Number 13. News Briefs: April 2020

Health Care Compliance Association (HCCA) on 4/20/2020

Report on Medicare Compliance 29, no. 13 (April 6, 2020) - During the coronavirus pandemic, the HHS Office of Inspector General (OIG) is “trying to minimize the burdens on providers,” said Christi Grimm, principal deputy...more

COVID-19 and Data Protection Compliance in the US

White & Case LLP on 4/15/2020

Irrespective of your industry, the current COVID-19 pandemic poses a new and unique challenge to organizations, their employees, and their customers. The emergence of COVID-19 has prompted organizations to collect and process...more

Updated joint guidance on privacy and student education and health records

Health Care Compliance Association (HCCA) on 2/10/2020

Compliance Today (February 2020) - On December 19, the U.S. Department of Education and the Office for Civil Rights at the U.S. Department of Health and Human Services announced the release of the “updated joint guidance...more

26 Results

View per page

Page: of 2

Compliance › HIPAA Privacy Rule › Department of Health and Human Services (HHS)

"My best business intelligence, in one easy email…"