News & Analysis as of

Business Associates HIPAA Breach Health Care Providers

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - November 18th - 21st, Boston, MA

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Holland & Knight LLP

HIPAA Breach Notice Can Be Delegated to Change Healthcare

Holland & Knight LLP on

After months of uncertainty and multiple letters from industry associations advocating on behalf of the healthcare industry with the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR), covered...more

Rivkin Radler LLP

[Webinar] Lunch and Learn Series: Conducting HIPAA Breach Assessments and Disclosures: Requirements and Tips for Success - June...

Rivkin Radler LLP on

On Thursday, June 13, the next installment of Rivkin Radler’s Healthcare Compliance Lunch & Learn series, will be presented by Rivkin Radler Partner Ashley Algazi and moderated by Robert Hussar. The program, “Conducting HIPAA...more

Dorsey & Whitney LLP

HHS OCR Settles HIPAA Investigation with Business Associate for $350,000

Dorsey & Whitney LLP on

Over the past decade, the number of health care data breaches reported to the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has increased dramatically. From 2009 to 2022, over 5,000 data...more

Rivkin Radler LLP

[Webinar] Lunch and Learn Series: Conducting HIPAA Breach Assessments and Disclosures: Requirements and Tips for Success -...

Rivkin Radler LLP on

Please join us as Rivkin Radler Associate Ashley Algazi presents the September Lunch and Learn. The program will: - Review HIPAA breach definition - Discuss the analysis and investigation process to determine if a...more

K&L Gates LLP

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

Health Care Compliance Association (HCCA)

Under New Settlement, Ambulance Co. Pays OCR $65K, Must Quickly Encrypt Computers

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 20, no. 1 (January 2020) - In the waning days of 2019, the HHS Office for Civil Rights (OCR) didn’t halt the HIPAA enforcement momentum it had built up during the last quarter of the year, dinging...more

Ballard Spahr LLP

HIPAA Guidance and Enforcement: A New Alignment?

Ballard Spahr LLP on

The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health...more

Bricker Graydon LLP

HHS publishes fact sheet on direct liability of business associates under HIPAA

Bricker Graydon LLP on

On May 24, 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a new fact sheet providing a compilation of all provisions through which a business associate may be held directly...more

Mintz - Health Care Viewpoints

HIPAA Penalties For Failure to Cut Off Access To Former Employee

Mintz - Health Care Viewpoints on

It has been a busy few weeks for HIPAA enforcement. On Tuesday, the Office for Civil Rights announced its third resolution of a HIPAA breach in as many weeks. In this latest matter, OCR announced that Pagosa Springs Medical...more

Mintz - Health Care Viewpoints

Another HIPAA Settlement for Failure to Enter Into a BAA

Mintz - Health Care Viewpoints on

Last week, the Office for Civil Rights (OCR) announced that it had reached a settlement with a contract physician group based in Florida to resolve potential HIPAA violations relating to the sharing of protected health...more

Robinson+Cole Data Privacy + Security Insider

Lessons Learned from Recent OCR HIPAA Audits

Robinson+Cole Data Privacy + Security Insider on

Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more

Robinson+Cole Data Privacy + Security Insider

OCR Warns Health Care Industry of Risks with Previous Employees

Robinson+Cole Data Privacy + Security Insider on

In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more

Robinson+Cole Data Privacy + Security Insider

Business Associate Resold Fax Machine Containing PHI

Robinson+Cole Data Privacy + Security Insider on

Fax machines are still used in the medical community, and these days, faxing may be more secure than emailing as hackers have not yet cracked the task of hacking into old fax machines. All kidding aside, fax machines have...more

Nossaman LLP

Don’t Forget HIPAA’s “Minimum Necessary” Rule When Making Health Information Disclosures

Nossaman LLP on

When Covered Entities or Business Associates or their counsel analyze whether a particular disclosure of Protected Health Information (or “PHI,” as defined in HIPAA) is permissible, they should be sure also to analyze whether...more

Poyner Spruill LLP

Five Takeaways from the OCR Reminder on HIPAA Obligations In Ransomware Incidents

Poyner Spruill LLP on

Apparently prompted by the recent high-profile wave of ransomware attacks, the Department of Health and Human Services’ Office of Civil Rights (OCR) has reminded hospitals, healthcare systems, and other covered entities and...more

Perkins Coie

Another HIPAA Settlement: Stolen Laptop Costs $2.5 Million Plus Encryption Requirement

Perkins Coie on

The U.S. Department of Health and Human Services (HHS) recently announced yet another HIPAA privacy and security settlement involving Protected Health Information (PHI) on a stolen laptop. Although this might be seen as just...more

Sherman & Howard L.L.C.

Healthcare Advisory: HHS Announces First Settlement with a Wireless Health Services Provider

Sherman & Howard L.L.C. on

On April 24, 2017, the Department of Health and Human Services, Office of Civil Rights (“OCR”), announced its first settlement with a wireless health services provider, CardioNet, Inc., for alleged violations of the Health...more

Williams Mullen

2017 HIPAA Enforcement: New Settlements and Penalties Already Total Over $11,000,000

Williams Mullen on

In our last post, we highlighted the 2016 settlements between the Office for Civil Rights (OCR) and various covered entities (and business associates), in one of OCR’s most active years. As of now, 2017 is proving to be on...more

Akerman LLP - Health Law Rx

HIPAA Audits – Phase 2: On-Site Audits Scheduled for First Quarter of 2017

Akerman LLP - Health Law Rx on

Covered Entities and Business Associates may be ringing in the New Year with the prospect of responding to on-site HIPAA audits by federal regulators. The U.S. Department of Health and Human Services Office for Civil Rights...more

Sherman & Howard L.L.C.

Failure Under the HIPAA Security Rule Costs $2.14 Million

Sherman & Howard L.L.C. on

On October 18, 2016, the Department of Health and Human Services, Office of Civil Rights (“OCR”) announced a $2.14 million settlement with St. Joseph Health (“St. Joseph”), a non-profit integrated Catholic healthcare delivery...more

Bradley Arant Boult Cummings LLP

Taking Measure of HIPAA Enforcement

Bradley Arant Boult Cummings LLP on

Last month, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced the largest settlement to date for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA)....more

Ballard Spahr LLP

OCR Announces First HIPAA Enforcement Action against a Business Associate

Ballard Spahr LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

Robinson+Cole Data Privacy + Security Insider

Oregon Health & Science University pays $2.7M penalty for data breaches

Robinson+Cole Data Privacy + Security Insider on

Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more

40 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide