Updates to Statute 1557 that Healthcare Providers Need to Know
Privacy and Healthcare Business Associates with Isabella Porter
State Law Privacy Video Series | Healthcare Entities and Health Data
Gerry Blass on Healthcare Vendor Risk Management
AGG Talks: Technology - In the Balance: Interoperability and Security
Is Your Practice's Marketing HIPAA Compliant?
Relaxed HIPAA Restrictions For Providers Using Telehealth
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
Polsinelli Podcasts - Confusion to Clarity on the Future of the 340B Program
Polsinelli Podcast - HIPAA Changes Overview
A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
Online tracking technologies are used by healthcare and hospital systems throughout the United States to analyze their website traffic, personalize content, and provide relevant information to website visitors, some of whom...more
When the U.S. Department of Health and Human Services, Office for Civil Rights (HHS OCR) issued its guidance on “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates” on Dec. 1, 2022 Original...more
Hospitals care about patient privacy, but they also have to connect with the public. In the real world, people mostly connect online. Having a fully functional online presence often requires help from third parties. ...more
Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us at HCCA’s Annual Healthcare Enforcement Compliance Conference to...more
On Aug. 4, the Department of Health and Human Services (HHS) published its proposed rule, Nondiscrimination in Health Care and Activities (Proposed Rule), to revise its regulations pertaining to Section 1557 of the...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
The United States Court of Appeals for the Fifth Circuit (the “Court”) vacated a $4,348,000 civil monetary penalty (“CMP”) imposed by the U.S. Department of Health and Human Services’ Office for Civil Rights (“HHS-OCR”) in...more
Report on Medicare Compliance 30, no. 2 (January 18, 2021) - Recovery audit contractors (RACs) may soon be auditing positron emission tomography (PET) for initial treatment strategy in oncologic conditions for compliance...more
In this episode, Richard Church and Victoria Hamscho discuss recent developments in the 340B Drug Pricing Program, including recent COVID-19 guidance by the Health Resources and Services Administration and hospital requests...more
Late last year, we noted that the Massachusetts Medicaid program had proposed regulations to address issues related to the prohibition on duplicate discounts in the 340B program. The Massachusetts solution was relatively...more
Less than two weeks into the new year, the federal government has released two new publications addressing concerns related to 340B Program oversight by both state and federal agencies. After a relatively quiet 2019, 340B...more
On October 23, 2019, the Office for Civil Rights (OCR) at HHS announced the imposition of a $2,154,000 civil monetary penalty against a Florida hospital system (Hospital System) for alleged violations of the HIPAA Security...more
OIG maintains a list of all currently excluded individuals and entities called the "List of Excluded Individuals/Entities," or LEIE. Covered entities that hire – or continue to employ or work with – an individual or entity on...more
A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more
The U.S. Department of Health and Human Services (“HHS”) recently published a final rule on the 340B Drug Pricing Program (“340B Program”), moving the effective date for changes to the program up to January 1, 2019. Making...more
Two recent announcements by the Health Resources and Services Administration (HRSA) highlight the agency's plans for increased oversight in the next year of drug manufacturers under the 340B drug pricing program and...more
A Colorado Hospital reached an $111,400 settlement with the Office for Civil Rights (“OCR”) for failing to terminate a former employee’s access to electronic protected health information. OCR’s investigation uncovered that...more
On September 20, 2018, the U.S. Department of Health and Human Services (HHS) announced that it reached settlements with three hospitals for compromising the privacy of patients’ protected health information (PHI) by...more
On Friday, December 29, 2017, the U.S. District Court for the District of Columbia dealt a blow to hospitals participating in the 340B Drug Pricing Program. By participating in the 340B program, eligible public and...more
The U.S. Department of Health and Human Services (HHS) has used its authority to waive certain provisions of HIPAA in response to Hurricane Harvey. HHS previously declared a public health emergency in Texas and Louisiana...more
The US Department of Health and Human Services and the Health Resources and Services Administration recently issued final rules related to the 340B Drug Pricing Program that impose fines on drug manufacturers that overcharge...more
Ransomware attacks at hospitals and other healthcare facilities have dramatically increased over the last several years, putting healthcare providers in the uncomfortable position of having to consider paying thousands of...more
Ransomware is malicious software that denies access to data, usually by encrypting the data with a private encryption key that is only provided once a ransom is paid. Sometimes the ransomware will actually destroy, steal, or...more