From OCR to AI The Future of Media and Image Analysis in eDiscovery
HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
Two settlements recently announced by the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) reinforce the agency’s emphasis on promoting thorough risk analysis to help prevent disclosure of...more
On March 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil money penalty (“CMP”) of $200,000 against Oregon Health & Science University (“OHSU”) for failing to...more
On December 27, 2024, the Office for Civil Rights (OCR) at HHS issued a Notice of Proposed Rulemaking (the Proposed Rule) intended to update the Security Rule under the Health Insurance Portability and Accountability Act...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
While many healthcare providers are generally aware of their obligations under HIPAA, most do not have a clear sense of what happens if they fail to meet these obligations. At best, most probably are familiar with headlines...more
On May 6, 2024, the Department of Health and Human Services (HHS) published its final rule revamping the non-discrimination regulations issued under § 1557 of the Affordable Care Act. The revised rules apply to all...more
The Department of Health & Human Services’ Office of Inspector General (HHS OIG) and U.S. Department of Justice (DOJ) have published important guidance and recommendations for pharmaceutical companies to develop and implement...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
On February 8, 2024, the U.S. Department of Health and Human Services, through its Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), released final rule (Final Rule)...more
Seyfarth Synopsis: The health care sector faces escalating cybersecurity risks given its size, technological dependence and the sensitive nature of data used therein. According to the U.S. Department of Health and Human...more
If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more
In 2021, the Department of Health and Human Services (HHS) proposed changes to the Privacy Rule under the Health Insurance Portability and Accessibility Act of 1996 (HIPAA) that would significantly alter the current...more
The Office for Civil Rights (OCR) recently offered covered entities and business associates (Regulated Entities) not-so-subtle reminders in its October 2023 Cybersecurity Newsletter that effective sanction policies can...more
On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
On June 28, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement (resolution agreement and corrective action plan) with iHealth Solutions (also known as Advantum Health)...more
The recent settlement between the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and a community hospital is a reminder of the importance of HIPAA compliance for all healthcare organizations. The...more
On June 15, 2023, OCR announced a settlement with Yakima Valley Memorial Hospital (Yakima) after completing a HIPAA investigation regarding allegations that hospital security guards accessed medical records of 419 patients....more
Cybersecurity attacks, such as malware, phishing emails, and password attacks, are a growing threat to patients and medical practices. Cyber attacks can significantly disrupt patient care, including by exposing confidential...more
The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) entered into a Resolution Agreement (“Agreement”) with Banner Health on behalf of Banner Health Affiliated Covered Entities (“Banner”) to remedy...more
According to the Office of Information and Regulatory Affairs, Office of Management and Budget, final action on the proposed rules—published in the Federal Register—to modify the HIPAA Privacy Rule is scheduled to occur in...more