Privacy and Healthcare Business Associates with Isabella Porter
For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and...more
On March 18, 2024, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued revised guidance on the use of tracking technologies by HIPAA-covered entities and business associates....more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
HIPAA applies to both covered entities (e.g., healthcare providers and health plans) and their business associates. A “business associate” is generally a person or entity that “creates, receives, maintains or transmits”...more
The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
In April, 2020, in an effort to facilitate a national pivot to telehealth in light of the COVID-19 Public Health Emergency (PHE), the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a policy...more
The Biden Administration announced that the federal COVID-19 Public Health Emergency (PHE) will expire at the end of the day on May 11, 2023. As we draw closer to the expiration date of the PHE, do you feel fine about your...more
On December 1, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) issued a Bulletin entitled ”Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates“ that addresses...more
On December 1, 2022, the HHS Office for Civil Rights (OCR) issued a bulletin on the requirements imposed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) for online tracking technologies regarding...more
On December 1, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services provided guidance on the intersection of the Health Insurance Portability and Accountability Act (HIPAA) and the use of...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
As telehealth services surged in response to the COVID-19 pandemic, unique compliance challenges likewise developed in unexpected ways. Recognizing these challenges, the Office of Civil Rights (“OCR”) indicated that it would...more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
2020 can rightfully be called the year for remote health care. Fueled by necessity and accompanying loosened regulations, telehealth and the demand for remote patient monitoring boomed. Signs that this progress is here to...more
In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more
In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more
Report on Patient Privacy 19, no. 12 (December 2019) - Sentara Hospitals, a nonprofit group of 12 medical centers in Virginia and North Carolina, will implement a fairly minimal two-year corrective action plan (CAP) and...more