News & Analysis as of

Business Associates Penalties Health Insurance Portability and Accountability Act (HIPAA)

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Holland & Knight LLP

Five Red Flags in De-identification and Data Monetization for Healthcare Companies

Holland & Knight LLP on

Healthcare providers running on thin margins or just seeking new (and in the case of tax-exempt providers, permissible) revenue sources may jump at the chance when third party vendors offer to help them monetize their patient...more

WilmerHale

Congress Passes Bill to Mitigate Penalties for Potential HIPAA Violations

WilmerHale on

On December 19, the Senate passed H.R.7898, which the House of Representatives had previously passed on December 9. This law amends the Health Information Technology for Economic and Clinical Health (HITECH) Act to require...more

Holland & Hart - Health Law Blog

Encrypt Your Devices or Face HIPAA Penalties

Holland & Hart - Health Law Blog on

This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more

Holland & Hart - Health Law Blog

HHS Reduces the Annual Cap for Most HIPAA Penalties

Holland & Hart - Health Law Blog on

HIPAA penalties vary depending on the type of conduct involved. (45 CFR § 160.404). Under HHS’s prior interpretation, the types of violations were all subject to an annual maximum penalty of $1,500,000 for identical types of...more

Davis Wright Tremaine LLP

HHS Reinterprets (and Significantly Lowers) Annual Penalty Caps for HIPAA Violations

Davis Wright Tremaine LLP on

The Department of Health and Human Services Office for Civil Rights (OCR) today announced that it is lowering the maximum total penalties it may assess against covered entities and business associates for multiple violations...more

Snell & Wilmer

2017 HIPAA Enforcement – Appears Not To Be Slowing Down

Snell & Wilmer on

To state the obvious, there has been some uncertainty regarding how the Trump Administration will affect federal agency enforcement efforts. However, at least, in regard to HIPAA Privacy and Security, the U.S. Department of...more

Ballard Spahr LLP

OCR Announces First HIPAA Enforcement Action against a Business Associate

Ballard Spahr LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

Lathrop GPM

Business Associate Settles HIPAA Investigation for $650,000

Lathrop GPM on

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

Alston & Bird

HIPAA Double Take: What Health Plan Sponsors Need to Know Now

Alston & Bird on

With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more

Dechert LLP

Final HIPAA Regulations Impact Group Health Plans

Dechert LLP on

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) sets forth rules to protect the privacy and security of individuals’ health information that is held by “covered entities,” such as group health plans....more

Wilson Sonsini Goodrich & Rosati

Cloud Storage Providers Storing Protected Health Information May Be Obligated to Comply with HIPAA Regulations

Wilson Sonsini Goodrich & Rosati on

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

Burr & Forman

Burr Alert: Employer Obligations Under New HIPAA Rules

Burr & Forman on

With all of the attention garnered by healthcare reform, it would be easy to overlook the new HIPAA rules (the "Rules") applicable to covered entities under HIPAA, which include employer group health plans. Compliance with...more

Cozen O'Connor

Highlights of the Omnibus HIPAA/HITECH Final Rule

Cozen O'Connor on

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more

Womble Bond Dickinson

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Womble Bond Dickinson on

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

Littler

What Do Employers Really Need to Know About the New HIPAA/HITECH Omnibus Final Rule?

Littler on

The Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act Omnibus Rule, published in the Federal Register Jan. 25, makes many changes to the HIPAA Privacy Rule,...more

Snell & Wilmer

HHS Publishes Long-Awaited Final Omnibus Rules for HIPAA

Snell & Wilmer on

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published today the final regulations for the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (the Omnibus Rules). The Omnibus...more

Ballard Spahr LLP

Final Regulations Address Privacy and Security of Health Information

Ballard Spahr LLP on

The U.S. Department of Health and Human Services (HHS) issued final regulations last week that modify many aspects of the privacy and security rules under the Health Insurance Portability and Accountability Act (HIPAA) and...more

Mintz - Privacy & Cybersecurity Viewpoints

HITECH Omnibus Rule Basics

Mintz - Privacy & Cybersecurity Viewpoints on

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

BakerHostetler

The HIPAA/HITECH Final Rule Has Been Released

BakerHostetler on

The long awaited HIPAA/HITECH Final Rule is out. The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance....more

Nossaman LLP

HIPAA Game-Changer: Are You Ready? OCR Releases Long-Awaited HIPAA/HITECH Rules

Nossaman LLP on

If your business is affected by HIPAA, 2013 will be a year of significant change. ...more

20 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide