News & Analysis as of

Data Protection HIPAA Security Rule

Sheppard Mullin Richter & Hampton LLP

Biotech Company Settles with Three State AGs Over Security Practices

A biotech company recently settled with three AGs over allegations that it had failed to protect consumer information. According to the AGs of Connecticut, New York and New Jersey, this led to a 2023 data incident. The...more

Health Care Compliance Association (HCCA)

Seven Years After Worldwide NotPetya Attacks, OCR Singles Out PA System, Collects Nearly $1M

Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more

Shutts & Bowen LLP

New Guidelines Anticipated Following HHS’s Health Cybersecurity Concept Paper

Shutts & Bowen LLP on

Updates to the Health Insurance Portability and Accountability Act Security Rule (“HIPAA Security Rule”) are planned for Spring 2024. New guidance from The Department of Health and Human Services (“HHS”) via a recently...more

Akerman LLP - Health Law Rx

OCR Releases Guidance on HIPAA Compliance When Providing Audio-Only Telehealth

The U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) recently released new guidance (the “Guidance”) to help ensure that individuals may continue to benefit from audio-only telehealth...more

Hanzo

HIPAA Compliance & the Role of Enterprise Information Archiving

Hanzo on

Most people have heard of the Health Insurance Portability and Accountability Act (HIPAA), so it’s not surprising that companies dealing with digital health information will have to be HIPAA compliant. To do so, any protected...more

Robinson+Cole Health Law Diagnosis

HHS Issues HIPAA Guidance to Support Audio-Only Telehealth Services

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently issued new guidance (Guidance) on the use of remote communication technologies to deliver audio-only telehealth in accordance with...more

Health Care Compliance Association (HCCA)

Hybrid Workforces and Compliance with Sheila Limmroth

Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more

Arnall Golden Gregory LLP

Recent OCR HIPAA Enforcement Actions and Request for Information on HITECH Implementation

Enforcement Actions - In its first announcement of enforcement actions in 2022, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) simultaneously announced the resolution of three...more

Wyrick Robbins Yates & Ponton LLP

Any Port in a Storm? OCR Seeks Comments on HIPAA “Safe Harbor” for Recognized Security Practices

Earlier this month, HHS’s Office for Civil Rights (OCR) issued a Request for Information (RFI) seeking comments on a statutory provision adopted last year that provides a quasi-safe harbor for entities that have voluntarily...more

Akerman LLP - Health Law Rx

Help Wanted: OCR Seeks Public Input on “Recognized Security Practices” and Sharing Settlements with Harmed Individuals Under the...

Covered entities and business associates subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) have the chance to provide input on two amendments to the Health Information Technology for...more

Health Care Compliance Association (HCCA)

[Virtual Event] Clinical Practice Compliance Conference - October 12th - 13th, 8:50 am - 6:00 pm CDT

Get the latest updates on government initiatives related to physicians and clinics - HCCA’s Clinical Practice Compliance Conference provides insights, updates, and strategies that are pertinent to developing and managing...more

Polsinelli

The Privacy Survival Guide - August 2021

Polsinelli on

Virginia recently adopted a GDPR-inspired comprehensive data protection law for Virginia residents. What Are the Main Points Covered by Virginia’s Consumer Data Protection Act (CDPA)? ...more

Robinson+Cole Data Privacy + Security Insider

OCR Cybersecurity Newsletter Focuses on Controlling Access to ePHI

The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services recently issued its Summer 2021 Cybersecurity Newsletter, which focuses on controlling access to electronic PHI (ePHI) and the HIPAA Security...more

King & Spalding

OCR Updates Ransomware Guidance

King & Spalding on

On June 9, 2021, OCR distributed an update to those on its Privacy List sharing links to alerts and resources for addressing the growing number and size of ransomware incidents. One such resource included a White House memo...more

Health Care Compliance Association (HCCA)

Compliance Perspective: What's New in Healthcare Privacy

Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition. https://www.hcca-info.org/health-care-privacy-handbook To learn what’s new in the book and in healthcare privacy...more

Bricker Graydon LLP

HHS OCR announces results of most recent round of HIPAA audits

Bricker Graydon LLP on

On December 17, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its Industry Report on the HIPAA audits it conducted in 2016 and 2017. OCR found widespread noncompliance with...more

Bricker Graydon LLP

OCR recommends IT asset inventory for HIPAA compliance

Bricker Graydon LLP on

The Office of Civil Rights (OCR) recently issued its Summer 2020 Cybersecurity Newsletter to recommend that health care providers and business associates create information technology (IT) asset inventories in order to track...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert l March 2020

Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more

Society of Corporate Compliance and Ethics...

[Event] Regional Compliance & Ethics Conference - February 27th - 28th, Anchorage, AK

This two-day Regional Compliance and Ethics Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more

Faegre Drinker Biddle & Reath LLP

Ambulance Company Agrees to $65,000 OCR Settlement for HIPAA Noncompliance

West Georgia Ambulance, Inc. (West Georgia) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $65,000 no-fault settlement agreement and two year corrective action...more

21 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide