News & Analysis as of

Business Associates Data Breach Health Insurance Portability and Accountability Act (HIPAA)

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Dentons

Ep. 19 - What to Do When Your Business Associate Suffers a Ransomware Attack

Dentons on

The healthcare industry remains a popular target for ransomware attacks. If you haven’t been impacted by a ransomware attack, it’s likely only a matter of time before someone you do business with or buy services from is...more

McGuireWoods LLP

Ounce of Prevention: Are You Keeping Track of Your Business Associate Agreements’ Requirements?

McGuireWoods LLP on

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Fisher Phillips

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

BakerHostetler

HHS OCR Provides Annual Report to Congress Detailing 2022 Enforcement Activities

BakerHostetler on

On Feb. 16, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published its 2022 Annual Report to Congress. ...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

BakerHostetler

Imminent Cybersecurity Threats to Healthcare Revenue Cycle Management

BakerHostetler on

BakerHostetler is closely monitoring imminent cybersecurity threats to healthcare revenue cycle management personnel and vendors. Most recently, Change Healthcare (CHC), a healthcare technology and business management...more

Brooks Pierce

Business Associate Victim of Ransomware Attack Pays $100,000 to HHS OCR

Brooks Pierce on

Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more

Saul Ewing LLP

Business Associate Agrees to $100,000 Settlement Following Cyber Attack

Saul Ewing LLP on

On Halloween, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $100,000 settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Doctors’...more

Seyfarth Shaw LLP

Top 5 Reasons to Remember Your Business Associate Agreements This Fall

Seyfarth Shaw LLP on

As organizations begin renewing and entering into new contractual relationships for 2024, an oft-forgotten aspect of the contracting process is determining whether a Business Associate Agreement (a “BAA”) is required. Under...more

Dorsey & Whitney LLP

HHS OCR Settles HIPAA Investigation with Business Associate for $350,000

Dorsey & Whitney LLP on

Over the past decade, the number of health care data breaches reported to the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has increased dramatically. From 2009 to 2022, over 5,000 data...more

Jones Day

Vital Signs Digital Health Law Update | Winter 2023

Jones Day on

Note From the Editors - We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, our lawyers take an in-depth look at...more

Health Care Compliance Association (HCCA)

One Security Guard, One Container: Find Unravels Derm Practice's Disposal Failure

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 9 (September, 2022) - When recommending best practices, federal privacy and security officials stress that organizations need to follow their protected health information (PHI) wherever...more

Health Care Compliance Association (HCCA)

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Health Care Compliance Association (HCCA)

Safeguards in New National Network Include Insurance, App Mandates, Cybersecurity Council

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 22, no. 2 (February, 2022) - The new national health information network calls for a number of privacy and security safeguards and standards that, in some instances, exceed what HIPAA covered...more

Goodwin

DOJ Announces New Initiative to Use False Claims Act to Enforce Compliance with Data Privacy and Security Laws and Contract...

Goodwin on

The Department of Justice recently announced the launch of its new Civil Cyber-Fraud Initiative (the “Initiative”) which intends to use the False Claims Act to pursue “cybersecurity-related fraud by government contractors and...more

Health Care Compliance Association (HCCA)

Nick Culbertson on Compliance Breaches in Healthcare

Health Care Compliance Association (HCCA) on

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

Health Care Compliance Association (HCCA)

OCR Investigator: Goal Is to Uncover ‘Root Cause,’ Remedy Harm From Violations

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 5 (May 2021) - Given the hundreds of thousands of HIPAA covered entities (CEs) and business associates (BAs) and the two dozen or so enforcement actions the HHS Office for Civil Rights...more

Health Care Compliance Association (HCCA)

After a Breach Is Too Late: Ensure BA, Subcontractor Compliance Now

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more

Health Care Compliance Association (HCCA)

[Virtual Event] 2021 25th Annual Compliance Institute - April 19th - 22nd, 9:30 am - 4:35 pm CDT

Health Care Compliance Association (HCCA) on

The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more

Health Care Compliance Association (HCCA)

Settlement Involves 'Dark Overlord' Hack, Tip by Breach-Tracking Journalist

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 20, Number 3. Privacy Briefs: March 2020

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 20, no. 3 (March 2020) - As the new coronavirus, COVID-19, spreads across the United States, the HHS Office for Civil Rights (OCR) is reminding HIPAA covered entities and business associates that...more

Arnall Golden Gregory LLP

No Good Deed Goes Unpunished: Reporting Business Associate’s HIPAA Breach Results in Liability for Covered Entity

Arnall Golden Gregory LLP on

A recent Resolution Agreement between a solo practitioner physician practice and the U.S. Department of Health and Human Services Office for Civil Rights (OCR) reveals how complying with HIPAA by reporting a business...more

BCLP

Data Breach Litigation Preparation: What U.S. Laws Apply to Data Breaches?

BCLP on

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more

Health Care Compliance Association (HCCA)

[Event] March Privacy Compliance Academy - March 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on

Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more

184 Results
 / 
View per page
Page: of 8
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide