Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
The Trend of Threatening Physicians for Personal Gain
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans â Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
Top Healthcare Compliance Priorities for 2025
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
Building a Solid HR Foundation in Healthcare Practices
New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health LawÂŽ
Healthcare Document Retention
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 192: Business Issues for Healthcare with Ira Bedenbaugh and Randi Branham of Elliott Davis
Business Better Podcast Episode: Cyber Adviser â Your Data, My Headache: Consumer Health Data Laws
Conducting Healthcare Compliance Investigations
The FTC's Health Privacy Enforcement Actions
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Meeting Cancer Reporting Requirements
On June 22, 2025, Texas enacted the Texas Responsible Artificial Intelligence Governance Act (âTRAIGAâ), putting it at the forefront of state-level AI regulation in the United States. TRAIGA becomes effective January 1, 2026....more
In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having ârecognized security practicesâ (RSPs) in place. But many more covered...more
Following the Office for Civil Rights (OCR) recent publication of four settlements as part of a new Risk Analysis Audit Initiative. We explore the current regulatory language for Risk Analysis, the proposed language for Risk...more
On March 6, 2025, the U.S. Department of Health and Human Services (âHHSâ) Office for Civil Rights (âOCRâ) announced a civil money penalty (âCMPâ) of $200,000 against Oregon Health & Science University (âOHSUâ) for failing to...more
On March 21, 2025, the U.S. Department of Health and Human Servicesâ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more
On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more
A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (âHIPAAâ). It...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more
The saga that led Childrenâs Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physicianâs email account containing details on 3,300...more
Recent federal enforcement actions have brought home the lesson that thereâs really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more
Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (âHHSâ), Office for Civil Rights (âOCRâ) highlight the agencyâs focus on health data...more
Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule. As we...more
The NJ Data Privacy Act takes effect tomorrow. The New Jersey Data Privacy Act is set to take effect tomorrow, January 15. The NJDPA was signed into law by Gov. Phil Murphy (D) on January 16, 2024. The NJDPA is similar to...more
December 2024 was an active month for the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"). OCR announced (i) a $1.19 million civil monetary penalty ("CMP") against Gulf Coast Pain...more
In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more
Covered entities (CEs) and business associates (BAs) may receive a âdiscountâ for having recognized security practices (RSPs) in place when the HHS Office for Civil Rights (OCR) calculates financial penalties for Security...more
On October 31, 2024, the U.S. Department of Health and Human Services (âHHSâ), Office of Civil Rights (âOCRâ) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (âPSAâ) concerning potential...more
Ransomware attacks are a growing threat in the health care sector due to the value of personal health information (PHI). In addition to being expensive, these attacks can cripple health care operations, delay patient care,...more
On July 1, 2024, the U.S. Department of Health and Human Services (âHHSâ) Office For Civil Rights (âOCRâ) announced a $950,000 settlement with Heritage Valley Health System (âHeritage Valleyâ) and a three-year Corrective...more
While many healthcare providers are generally aware of their obligations under HIPAA, most do not have a clear sense of what happens if they fail to meet these obligations. At best, most probably are familiar with headlines...more
A recently announced settlement with online alcohol addiction treatment service Monument Inc. demonstrates the Federal Trade Commissionâs (FTC) continued focus on the use and disclosure of health data. The proposed settlement...more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
Nearly two months after settlement was reached, the Department of Health and Human Services Office for Civil Rights (HHS OCR) announced on Feb. 6 that it obtained a resolution agreement with Montefiore Medical Center over...more
On February 6, 2024, the HHS Office for Civil Rights (âOCRâ) announced a settlement with Montefiore Medical Center (âMMCâ) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more