News & Analysis as of

HIPAA Breach Notification Rule Electronic Protected Health Information (ePHI)

Jackson Lewis P.C.

OCR’s “Risk Analysis” Enforcement Initiative Continues Against Another Business Associate

Jackson Lewis P.C. on

On August 18, 2025, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with BST & Co. CPAs, LLP (BST). The announcement continues OCR’s escalating enforcement of the HIPAA...more

Williams Mullen

Ransomware Hat Trick: OCR Scores Three Major Enforcement Actions in 2024

Williams Mullen on

Ransomware attacks are a growing threat in the health care sector due to the value of personal health information (PHI). In addition to being expensive, these attacks can cripple health care operations, delay patient care,...more

Akerman LLP - Health Law Rx

FTC’s Updated Health Breach Notification Rule Puts Health App Developers on Notice

The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more

Tucker Arensberg, P.C.

HIPAA Fundamentals for Providers

Tucker Arensberg, P.C. on

In March of this year, The Office for Civil Rights of the Department of Health and Human Services issued a letter addressing the recent cybersecurity incident impacting many health care entities, primarily Change Healthcare,...more

Holland & Knight LLP

Substance Use Disorder Confidentiality Regulations Modified to Align with HIPAA

Holland & Knight LLP on

After more than a year since the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) and Substance Abuse and Mental Health Services Administration (SAMHSA) issued the proposed changes to the...more

Bodman

Legal Restrictions on Health Information – Beyond HIPAA

Bodman on

Appropriately so, providers look first to the Health Insurance Portability and Accountability Act of 1996, as amended (HIPAA), to ensure that they comply with regulations regarding patients’ protected health information...more

WilmerHale

HHS OCR Settles with iHealth Solutions Over Alleged HIPAA Violations

WilmerHale on

On June 28, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement (resolution agreement and corrective action plan) with iHealth Solutions (also known as Advantum Health)...more

WilmerHale

FTC Brings Second Enforcement Action Against Healthcare Company for Violating the Health Breach Notification Rule

WilmerHale on

On May 17, 2023, the Federal Trade Commission (the “FTC”) reached a settlement with Easy Healthcare Corporation (“Easy Healthcare”), for its fertility-tracking app, Premom. The agency alleged that Easy Healthcare failed to...more

Akerman LLP - Health Law Rx

The FTC Sends Another Warning to Digital Healthcare Platforms About Use of Tracking Pixels

The Federal Trade Commission (FTC) continues to prioritize the protection of consumers’ digital health information. The agency has demonstrated this commitment through enforcement actions against GoodRx and BetterHelp for...more

Robinson+Cole Data Privacy + Security Insider

Annual Breach Notification Deadline to OCR Looming

HIPAA requires that covered entities notify the Office for Civil Rights (OCR) of any breaches of unsecured protected health information that affects less than 500 individuals in a calendar year within 60 days following the...more

Holland & Knight LLP

FTC Seeks First-Ever Health Breach Notification Rule Enforcement: Pixel Users Beware

Holland & Knight LLP on

For the first time ever, the Federal Trade Commission (FTC) is seeking enforcement under the Health Breach Notification Rule. This regulation requires certain businesses not covered by the Health Insurance Portability and...more

Spilman Thomas & Battle, PLLC

OCR and HIPAA Compliance – The Next Step

Recently, lawsuits have been filed against Duke and WakeMed regarding their use of Meta’s Meta Pixel tracking product and the alleged improper disclosure of patients’ protected health information (“PHI”). The U.S. Department...more

Saul Ewing LLP

Considerations for Remote Patient Monitoring Vendors and Providers

Saul Ewing LLP on

Remote patient monitoring (“RPM”) refers to the use of digital technologies to monitor and capture medical and other health data from an individual. This data is electronically stored for an individual’s personal use or...more

Arnall Golden Gregory LLP

Upcoming Annual Deadline for HIPAA Small Breach Reporting: March 1, 2022

HIPAA-covered entities should note the quickly approaching March 1, 2022 deadline for reporting breaches of unsecured protected health information that occurred in 2021 and involved fewer than 500 individuals. This article...more

Wiley Rein LLP

Wiley Consumer Protection Download (January 24, 2022)

Wiley Rein LLP on

Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory...more

Bricker Graydon LLP

[Webinar] OCR Enforcement Activity: Recent HIPAA Audits & Right of Access Initiative Settlements - March 4th, 12:00 pm - 1:00 pm...

Bricker Graydon LLP on

Health care technology has seen an incredible amount of change over the past twelve months. As health care providers and entities continue to provide patient care in unprecedented times, it is becoming increasingly important...more

Foley & Lardner LLP

Key Findings & Takeaways from OCR HIPAA Audit Findings

Foley & Lardner LLP on

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services recently published its findings from audits conducted in 2016 and 2017 of covered entities’ and business associates’ compliance with...more

Health Care Compliance Association (HCCA)

Compliance Perspective: What's New in Healthcare Privacy

Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition. https://www.hcca-info.org/health-care-privacy-handbook To learn what’s new in the book and in healthcare privacy...more

Bricker Graydon LLP

HHS OCR announces results of most recent round of HIPAA audits

Bricker Graydon LLP on

On December 17, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its Industry Report on the HIPAA audits it conducted in 2016 and 2017. OCR found widespread noncompliance with...more

Robinson+Cole Data Privacy + Security Insider

Yearly Data Breach Reporting Due to OCR by February 29

Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more

Holland & Hart - Health Law Blog

Encrypt Your Devices or Face HIPAA Penalties

This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more

Tucker Arensberg, P.C.

$1,600,000 Civil Money Penalty for HIPAA Violations by the Texas Health and Human Services Commission

Tucker Arensberg, P.C. on

On November 7, 2019, the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS”) announced a $1,600,000 civil money penalty for violations of the Health Insurance Portability and Accountability Act of...more

Holland & Hart - The Benefits Dial

It’s HIP(AA) to be square… making sure you are HIPAA compliant

The Health Insurance Portability and Accountability Act (“HIPAA”) was created for one specific reason – evolution of technology. Today, health care providers are using online clinical applications and electronic health...more

23 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide