From OCR to AI The Future of Media and Image Analysis in eDiscovery
HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
In the past several weeks, the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR") has announced settlements with three health care organizations — Comstar, LLC ("Comstar"); Guam Memorial...more
A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more
In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more
Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule. As we...more
On October 21, 2024, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil monetary penalty (“CMP”) of $70,000 against a solo dental practice that provides family dental...more
Report on Patient Privacy 22, no. 10 (October, 2022) - How about free? Patients daily face the machinations of getting records from their providers, and health care practices, hospitals and even dentists struggle with...more
Report on Patient Privacy 22, no. 9 (September, 2022) - When recommending best practices, federal privacy and security officials stress that organizations need to follow their protected health information (PHI) wherever...more
Report on Patient Privacy 22, no. 8 (August, 2022) - Oklahoma State University Center for Health Sciences’ (OSUCHS) breach might not have seemed all that serious at the time: No data is believed to have been misused,...more
The Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”) announced on July 15, 2022, that it has resolved 11 investigations conducted under the Health Insurance Portability and...more
Last fall, the United States Department of Justice (“DOJ”) launched its Civil Cyber-Fraud Initiative (“CCFI”) as part of its effort to “combat new and emerging cyber threats to the security of sensitive information and...more
The Office for Civil Rights (OCR) recently announced that it has entered into the 20th settlement under its Right of Access Initiative. The settlement with Children’s Hospital and Medical Center in Nebraska includes an...more
Report on Patient Privacy 21, no. 2 (February 2021) - Unless an extension is granted or the notice of proposed rulemaking (NPRM) is withdrawn, covered entities (CEs) and business associates (BAs) have until late March to...more
Report on Medicare Compliance 30, no. 7 (February 22, 2021) - A Michigan woman is the first in the nation to be charged criminally with misappropriating money from the Provider Relief Fund (PRF), the Department of Justice...more
Report on Medicare Compliance 30, no. 2 (January 18, 2021) - Recovery audit contractors (RACs) may soon be auditing positron emission tomography (PET) for initial treatment strategy in oncologic conditions for compliance...more
The Office for Civil Rights (OCR) recently settled a tenth case under its right-to-access initiative with California-based Riverside Psychiatric Medical Group (RPMG), for $25,000....more
On October 8, 2020, Community Health Systems, Inc. (Community Health) and its subsidiary CHSPSC, LLC entered into a settlement agreement with 28 states for $5 million to resolve claims related to a 2014 data breach. Community...more
On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been actively enforcing HIPAA regulations this year, including a series of seven settlements under OCR’s Right of Access...more
Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more
Following a very quiet start to HIPAA settlement activity in 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced eight settlements with covered entities and business...more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more
On September 21, 2020, the HHS Office of Civil Rights (OCR) announced a $1.5 million settlement with Athens Orthopedic Clinic, a Georgia orthopedic clinic, to settle potential violations of the Health Insurance Portability...more
On September 25, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced that it reached a settlement with Premera Blue Cross (PBC), a health plan operating in Washington and Alaska,...more
With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more
On September 15, 2020, the United States Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced that it had settled five investigations under its HIPAA Right of Access Initiative....more