News & Analysis as of

Business Associates Medical Records

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Bricker Graydon LLP

Is Your School District Health Plan Subject to HIPAA?

Bricker Graydon LLP on

For the vast majority of records maintained by public schools, the Health Insurance Portability and Accountability Act (“HIPAA”) is not applicable. This is because most records that contain medical information related to a...more

Williams Mullen

42 CFR Part 2 Final Rule Harmonizes Substance Use Disorder Confidentiality Protections with HIPAA

Williams Mullen on

On February 8, 2024, the federal Confidentiality of Substance Use Disorder (SUD) Patient Records regulations at 42 CFR Part 2 (Part 2) were revised in part to increase patient protection and streamline patient consent...more

BakerHostetler

HHS Proposes New Rule Aligning Part 2 Regulations with HIPAA

BakerHostetler on

On November 28, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the Substance Abuse Mental Health Services Administration (SAMHSA) announced a Notice of Proposed Rulemaking...more

Health Care Compliance Association (HCCA)

After a Breach Is Too Late: Ensure BA, Subcontractor Compliance Now

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more

Health Care Compliance Association (HCCA)

Awaiting New Leader, OCR Collects NPRM Feedback, Closes Breach, 14th Access Case

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 2 (February 2021) - Unless an extension is granted or the notice of proposed rulemaking (NPRM) is withdrawn, covered entities (CEs) and business associates (BAs) have until late March to...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Holland & Hart - Health Law Blog

Use of PHI for Non-Patient Purposes

Holland & Hart - Health Law Blog on

In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more

Fox Rothschild LLP

Tell Me Again: What Can Covered Entities (Or Their Business Associates) Charge For Medical Records Requests?

Fox Rothschild LLP on

The answer to this question has changed yet again. I’ve blogged on this topic several times in the past, and described the question as a wriggling worm. Plaintiff Ciox Health, LLC has finally managed to catch that worm and...more

Fisher Phillips

Reminder: Coronavirus Emergency Does Not Trump HIPAA Privacy Rule

Fisher Phillips on

The government just sent a stern reminder to all employers, especially those involved in providing healthcare, that they must still comply with the protections contained in the HIPAA Privacy Rule during the Coronavirus...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 20, Number 2. Privacy Briefs: February 2020

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 20, no. 2 (February 2020) - A ruling from Georgia’s highest state court could set a precedent that determines recourse for victims of cyberattacks. The Georgia Supreme Court ruled in late December...more

Holland & Hart - Health Law Blog

Modified HIPAA Rules for Sending Records to Third Parties

Holland & Hart - Health Law Blog on

Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more

BakerHostetler

Federal Court Invalidates 2013 HIPAA Omnibus Rule Regulations and HHS Guidance on Fees for Copies of Medical Records

BakerHostetler on

In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus...more

Health Care Compliance Association (HCCA)

'Misinterpretation' of Breach Rule, Lack of Internal BAA Cost Hospital Group $2.1M

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 19, no. 12 (December 2019) - Sentara Hospitals, a nonprofit group of 12 medical centers in Virginia and North Carolina, will implement a fairly minimal two-year corrective action plan (CAP) and...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 19, Number 11. Privacy Briefs: November 2019

Health Care Compliance Association (HCCA) on

Report on Patient Privacy Volume 19, Number 11. (November 2019) ? The biggest threat to protected health information comes from carelessness within your organization, according to a brief from the Clearwater...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #191 – Trying to Protect Your Medical Information—Let’s Ask Questions About Data Security

Robinson+Cole Data Privacy + Security Insider on

In the top three of the list of highly sensitive personal data to be concerned about is our medical information. It’s so sensitive because it is so personal. It used to be that our medical information was located in paper...more

Fox Rothschild LLP

Bankrupt Medical Records Company Hit With $100,000 Penalty For HIPAA Violations

Fox Rothschild LLP on

Filefax, Inc., a defunct Illinois medical records storage and management company, has been fined $100,000 for improperly handling medical data under an agreement with the court-appointed receiver managing the company’s assets...more

McGuireWoods LLP

Is HIPAA A Sleeping Giant?

McGuireWoods LLP on

So far, 2018 has been a light year in terms of HIPAA enforcement. There have been only two publicly-disclosed settlements. But that doesn’t mean covered entities and business associates should let their guard down and...more

Perkins Coie

Potential HIPAA Pitfalls for Developers of Healthcare Apps

Perkins Coie on

As federal and state governments struggle to address future healthcare regulation, demand for healthcare that is cheaper, better and faster continues to surge. Every day, new healthcare apps are being developed to respond...more

Foley & Lardner LLP

HIPAA for HR - Some Good News for Employers

Foley & Lardner LLP on

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that was enacted to ensure protection of individuals’ protected health information (PHI). The Standards for Privacy of Individually...more

Akerman LLP - Health Law Rx

Best Practices for Safeguarding Protected Health Information in Inclement Weather

Akerman LLP - Health Law Rx on

As the East Coast prepares for the arrival of Hurricane Matthew, covered entities and business associates should take the opportunity to remind their workforce members to safeguard protected health information (PHI) that is...more

Benesch

HIPAA and Jason Pierre-Paul’s Medical Chart – Setting the Record Straight

Benesch on

Last night, ESPN reporter Adam Schefter tweeted a photo of New York Giants defensive end Jason Pierre-Paul’s medical chart, which chart indicated that Pierre Paul had his index finger amputated. The amputation was apparently...more

McDermott Will & Emery

OCR Launches Phase 2 HIPAA Audit Program with Pre-Audit Screening Surveys

McDermott Will & Emery on

Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered entities have reported that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently sent pre-audit screening surveys...more

Mintz - Health Care Viewpoints

Provider Beware: HIPAA and State Privacy Laws May Inform Negligence Suits

Mintz - Health Care Viewpoints on

A recent opinion from the Connecticut Supreme Court illustrates that HIPAA is not the only law that covered entities and business associates must worry about if an unauthorized disclosure of protected health information (PHI)...more

Winstead PC

HHS Explains Privacy Rule in Emergency Situations

Winstead PC on

On November 10, 2014, the U.S. Department of Health and Human Services (HHS) issued a bulletin reminding covered entities and business associates of how they may disclose patient information for public health activities or in...more

33 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide