As we reflect on the flurry of activity in the health care data privacy and security space in 2023 and look ahead to what will continue to be a busy 2024, we are seeing the early stages of federal agency movement to align the...more
1/26/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Healthcare ,
HIPAA Privacy Rule ,
Information Blocking Rules ,
Mental Health ,
Notice of Proposed Rulemaking (NOPR) ,
OCR ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
Request For Information ,
SAMHSA ,
Substance Abuse ,
Transparency
In April, 2020, in an effort to facilitate a national pivot to telehealth in light of the COVID-19 Public Health Emergency (PHE), the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a policy...more
5/2/2023
/ Business Associates Agreement (BAA) ,
Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Due Diligence ,
Enforcement ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Public Health Emergency ,
Security Risk Assessments ,
Subcontractors ,
Vendors
A recent settlement agreement between a clinical laboratory and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) to resolve potential HIPAA Security Rule violations proves to be a...more
With a notably sharply worded opinion, the Fifth Circuit recently vacated over $4.3 million in penalties levied against the University of Texas M.D. Anderson Cancer Center (M.D. Anderson) by the Department of Health and Human...more
As we’re all painfully aware, public health issues dominated 2020 and with the country’s attention focused on COVID-19 testing, status, transmission and care, HIPAA went mainstream. Health information became critical not only...more
The Department of Health and Human Services (HHS) is pushing ahead in its Regulatory Sprint to Coordinated Care with a new proposed rule, announced by HHS’ Office for Civil Rights (OCR) on December 10, to modify the HIPAA...more
US hospitals and healthcare facilities struggling to maintain normal operations during the COVID-19 emergency, were warned this week by the federal Cybersecurity and Infrastructure Agency (CISA), the Federal Bureau of...more
The U.S. Department of Health and Human Services (HHS) recently released a final rule further amending 42 CFR Part 2 regulations (Part 2) to allow greater sharing of patient records related to substance use disorder (SUD)...more
7/20/2020
/ Confidentiality Policies ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Drug & Alcohol Abuse ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opioid ,
Patient Privacy Rights ,
Prescription Drugs ,
Substance Abuse
Amidst the novel coronavirus (COVID-19) outbreak, the Secretary of the U.S. Department of Health and Human Services (HHS), Alex M. Azar, took steps on March 15, 2020, to waive sanctions and penalties related to certain...more
On January 18th, the U.S. Department of Health and Human Services (HHS) and 15 other federal agencies issued a final rule updating regulations for the protection of human research subjects, the so-called “Common Rule.” The...more
On October 7, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance. As discussed below,...more
The Medicare Access and CHIP Reauthorization Act (MACRA) proposes a new approach, with new branding labels, to paying clinicians for the value and the quality of care that they provide by replacing a patchwork of existing...more
5/5/2016
/ Centers for Medicare & Medicaid Services (CMS) ,
Children's Health Insurance Program (CHIP) ,
Department of Health and Human Services (HHS) ,
EHR ,
Meaningful Use ,
Medicare ,
Medicare Access and CHIP Reauthorization (MACRA) ,
MIPS ,
Physicians ,
Proposed Regulation ,
Provider Payments
On March 21st, the HHS Office for Civil Rights (“OCR”) officially launched Phase 2 of the HIPAA Audit Program. Covered Entities and Business Associates need to be prepared for these audits and be on the lookout for emails...more
The U.S. Department of Health and Human Services (“HHS”) and fifteen other Federal Departments and Agencies have announced a proposal to update the Federal Policy for the Protection of Human Subjects known as the “Common...more
9/9/2015
/ Clinical Trials ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Exemptions ,
Human Rights ,
Informed Consent ,
IRB ,
Medical Research ,
NPRM ,
Proposed Regulation ,
Scientific Research ,
The Common Rule ,
Transparency
This is the fourth and final post in our series on the Medicare Access and CHIP Reauthorization Act (MACRA). Pub.L. No. 114-10. We’ve previously covered the repeal of the Sustainable Growth Rate (SGR) in our April 20th post,...more
4/27/2015
/ Affordable Care Act ,
Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
EHR ,
Electronic Health Record Incentives ,
Electronic Medical Records ,
GAO ,
Health Care Providers ,
Healthcare ,
HITECH Act ,
Meaningful Use ,
Medicaid ,
Medicare ,
Medicare Access and CHIP Reauthorization (MACRA) ,
Medicare Part B ,
PQRS ,
Telehealth ,
Telemedicine
As a service to our readers, we have distilled last week’s joint HHS Office of Civil Rights (OCR) and National Institute of Standards in Technology (NIST) conference, “Safeguarding Health Information: Building Assurance...more
Yesterday the Centers for Medicare & Medicaid Services (CMS) finally published the long-awaited final rule amending the Clinical Laboratory Improvement Amendments of 1988 (CLIA) and the Health Insurance Portability and...more
Welcome to our series, “The 12 Days of Privacy” as we look to “gifts” that may be received this season and some of the big issues ahead ….
Day One – - HIPAA 2014 – Where will the Audit Trail Lead?
The year 2013...more
In response to a recent lawsuit and outcry from a variety of players in the health care market, the Department of Health and Human Services (“HHS”) has committed to issuing guidance by September 23rd (the compliance date for...more
Earlier this week we attended the National Institute of Standards and Technology (NIST) and HHS Office for Civil Rights (OCR) 6th Annual Safeguarding Health Information Conference in Washington, D.C. (the NIST-OCR...more
As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more
2/18/2013
/ Business Associates ,
Cloud Computing ,
Covered Entities ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Employee Retirement Income Security Act (ERISA) ,
Fundraisers ,
HIPAA Omnibus Rule ,
HITECH Act ,
Marketing ,
Notice Requirements ,
OCR ,
PHI ,
Privacy Rule ,
Risk Assessment ,
Subcontractors ,
Training
The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more
1/18/2013
/ Business Associates ,
Compliance ,
Covered Entities ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Omnibus Rule ,
Notice Requirements ,
Notifications ,
OCR ,
Patient Privacy Rights ,
PHI ,
Subcontractors