Updates to Statute 1557 that Healthcare Providers Need to Know
Privacy and Healthcare Business Associates with Isabella Porter
State Law Privacy Video Series | Healthcare Entities and Health Data
Gerry Blass on Healthcare Vendor Risk Management
AGG Talks: Technology - In the Balance: Interoperability and Security
Is Your Practice's Marketing HIPAA Compliant?
Relaxed HIPAA Restrictions For Providers Using Telehealth
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
Polsinelli Podcasts - Confusion to Clarity on the Future of the 340B Program
Polsinelli Podcast - HIPAA Changes Overview
On Wednesday, July 9, 2025, the United States Department of Justice (“DOJ”) issued more than 20 subpoenas to physicians and clinics (the “Providers”) who provide gender-affirming care to transgender youth. According to the...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
Isabella Porter is the director of compliance and privacy officer of District Medical Group and author of the chapter “Patient Privacy and Security: Business Associates” in the Complete Healthcare Compliance Manual. In this...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more
Report on Patient Privacy 21, no. 7 (July, 2021) - ...These heartfelt comments are among those submitted to the HHS Office for Civil Rights (OCR) in response to its January notice of proposed rulemaking (NPRM), which...more
Learning Objectives: - Review the definition of a business associate under HIPAA - Understand common relationships that create gray areas in making determinations on whether business associate relationships exist -...more
As the COVID-19 pandemic in the United States is easing, telemedicine is facing an important crossroads. While telehealth services have demonstrated their value as an integral part of care delivery, federal and state waivers...more
The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more
Is an insurer considered a "covered entity" subject to HIPAA regulations regarding protected health information? Rosemarie Haage v. Alfonso Monitel Zavala, et al. (State Farm Mutual Insurance Company,...more
For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more
Health care providers should take heed of the $10,000 settlement announced on October 2, 2019 between the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR) and a small dental practice based on...more
A pediatric cardiologist recently sentenced to six months’ probation is serving as the latest reminder that violations of the Health Insurance Portability and Accountability Act (“HIPAA”) can lead to more than civil monetary...more
A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more
The Health Insurance Portability and Accountability Act ("HIPAA") Privacy Rule attempts to strike a balance between the protection of a patient's privacy and the performance of important law enforcement functions. This...more
The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more
Ransomware is malicious software that denies access to data, usually by encrypting the data with a private encryption key that is only provided once a ransom is paid. Sometimes the ransomware will actually destroy, steal, or...more
ProPublica, a public interest investigative newsroom, recently identified more than 3,500 one-star medical reviews on Yelp in which patients complained about privacy issues. ProPublica determined that “in dozens of instances,...more
With headlines every day announcing another release of Protected Health Information (PHI), providers are asking themselves – is there a way to protect against these breaches? Beyond improving the security of large...more
Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs....more