Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more
The Trump Administration’s flurry of executive orders directing the implementation of immigration policy objectives to carry out the “largest domestic deportation operation in American history” has many hospitals and other...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more
As the summer winds down, regulatory updates related to digital health services certainly do not appear to be showing any signs of cooling off. It has been a busy summer, and below we have summarized several key updates for...more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
On April 26, 2024, the Department of Health and Human Services (HHS) published the final HIPAA Privacy Rule to Support Reproductive Health Care Privacy (Final Rule). The Final Rule became effective June 25, 2024....more
On April 26, 2024, the U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) published Final Regulations under HIPAA’s Privacy Rule introducing greater protections for information related to...more
Earlier this year, federal agencies teamed up to issue two rules that will require healthcare providers to update certain policies related to the use and disclosure of health information and to update their Notice of Privacy...more
The Department of Health and Human Services issued a final rule amending the HIPAA privacy rules (“2024 Privacy Rule”). The 2024 Privacy Rule limits the use or disclosure of an individual’s PHI in connection with reproductive...more
A new final rule under HIPAA adds more compliance requirements aimed at supporting reproductive healthcare privacy – so you need to take note if you are a healthcare provider, employer-sponsored group health plan, or other...more
Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
The HIPAA Privacy Rule has been amended to provide greater protections for protected health information (PHI) related to reproductive health care. Covered entities and business associates should familiarize themselves with...more
At the Health Care Compliance Association’s recent Annual Compliance Institute in Nashville, artificial intelligence (AI) dominated the conversation. A common theme: how does the compliance officer keep pace with this...more
The Office for Civil Rights (“OCR”) at the Department of Health and Human Services (“HHS”) recently issued final regulations (“Reproductive Health Care Rule”) under the Health Insurance Portability and Accountability Act of...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
The U.S. Department of Health and Human Services (HHS) this week released final amendments to the HIPAA Privacy Rule to further protect the privacy of protected health information (PHI) related to reproductive health care....more
The upcoming election, and the approaching end of the President’s four-year term, introduce additional dynamics into the agencies’ rulemaking process and even the guidance process. From now through the November election, the...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more