From OCR to AI The Future of Media and Image Analysis in eDiscovery
HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more
PIH Health, a health care entity located in California, suffered a data breach in June 2019 when 45 employee email accounts were compromised in a targeted phishing campaign. The accounts contained the protected health...more
Welcome to our fourth issue of 2025 of The Health Record -- our healthcare law insights e-newsletter. In this edition, we look at prior authorization transparency and physician decision-making; the impact of Medicaid cuts...more
On March 7, 2025, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it would begin investigating four medical schools and hospitals pursuant to President Donald Trump’s...more
Cyberattacks on healthcare organizations are on the rise, with the number of affected individuals nearly tripling between 2022 and 2024, according to data compiled by the Department of Health and Human Services Office for...more
The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more
The U.S. Department of Health and Human Services, Office of Civil Rights (OCR) recently updated its controversial, year-old guidance document on the use of online tracking technologies by healthcare providers and other...more
2024 is shaping up to be a very active year for regulatory and enforcement developments in the healthcare industry – developments that concern not just hospitals and nursing facilities, but many non-healthcare companies as...more
Reflecting on lessons learned and complaints received during the COVID-19 pandemic, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released detailed frequently asked questions (FAQs)...more
The U.S. Department of Health and Human Services (HHS) recently issued a strategy paper highlighting key aspects of its plan to revamp cybersecurity requirements in the healthcare industry. Citing a 93% increase in large data...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
The healthcare sector is a prime target for data breaches. According to a summary by the HIPAA Journal, 32% of all data breaches between 2015 and 2022 were in the healthcare sector, “almost double the number recorded in the...more
The US Department of Health and Human Services Office for Civil Rights (OCR) recently announced a settlement with a community hospital resolving an investigation under the Health Insurance Portability and Accountability Act...more
On July 8, President Biden signed an executive order for abortion access. In this order, the US Department of Health and Human Services (HHS) pledged to take steps to ensure that all patients have access to the full rights...more
The United States Court of Appeals for the Fifth Circuit (the “Court”) vacated a $4,348,000 civil monetary penalty (“CMP”) imposed by the U.S. Department of Health and Human Services’ Office for Civil Rights (“HHS-OCR”) in...more
The application of EMTALA to psychiatric hospitals has long presented compliance concerns for psychiatric hospital providers. To provide clarity, the CMS recently released two memos that offer incremental additional guidance....more
The Office of Civil Rights of the Department of Health and Human Services has announced settlements with three different Boston-area hospitals for allegedly compromising the privacy of protected health information by inviting...more
Children’s Medical Center of Dallas (Children’s) was hit with a $3.2 million civil penalty from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) for failing to take steps to properly protect...more
Healthcare organizations – ranging from physician practice groups to large, multi-state hospital systems – face a variety of risks, including fraud and abuse, as well as HIPAA privacy issues. Starting from a baseline risk...more
Healthcare providers and others who receive federal financial assistance are now subject to new non-discrimination rules and notice requirements under the Affordable Care Act. The new regulation prohibits discrimination in...more
The Department of Health and Human Services Office for Civil Rights (OCR) announced on August 4, 2016, a settlement agreement with Advocate Health Care Network, an integrated healthcare system with ten hospitals and a...more
The Office for Civil Rights (OCR) has obtained another big settlement from a covered entity resulting from a data breach. This most recent settlement of fines and penalties and a Resolution Agreement is with the University of...more
On September 8, 2015, the U.S. Department of Health and Human Services (“HHS”) proposed new regulations implementing Section 1557 of the Patient Protection and Affordable Care Act (“ACA”). Section 1557 prohibits...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more