[Webinar] EHS in the Cannabis Industry: What Happens When the E stands for Enforcement?
Pamela Para on Effective Investigations in Healthcare
Susan Roberts on Creating a Compliance Program Book
Reasonable minds can differ
Compliance Perspectives: Risk and the 2020 Compliance & Ethics Institute
How to Assess the Likelihood of Success in Deciding Whether to Bring a Bid Protest
As the manufacturing sector continues to embrace the hyper-connected era of Smart Manufacturing, known as Industry 4.0, more and more organizations are integrating advanced automation, artificial intelligence (AI), the...more
The European Union (EU) is leading the global charge with AI regulations. U.S. companies are not beyond their regulatory reach, however, and should be preparing their AI risk mitigation efforts accordingly....more
From financial uncertainties to cybersecurity threats, regulatory changes, and everything in between, just how imperative is Enterprise Risk Management (ERM) technology in today’s business environment? According to a...more
As more and more of us return to the office, it’s a good time to revisit the passwords you use. It is therefore timely that the U.S. Department of Health and Human Services, Health Sector Cybersecurity Coordination Center...more
Before the CCPA became enforceable on July 1, 2020, much ink was spilled (or many keys were hit) about the California Office of the Attorney General’s (“OAG”) ability to obtain civil penalties for CCPA violations. After that...more
Medical Informatics Engineering, Inc. (Medical Informatics) and its wholly-owned subsidiary, NoMoreClipboard, LLC, an electronic medical record and software services provider is now liable for a combined total of $1 million...more
According to a summary released by the HHS Office for Civil Rights (OCR), in 2018, OCR settled 10 cases and was granted summary judgment in one case totaling $28.7 million in recoveries for alleged violations of the Health...more
We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more
It has been a busy few weeks for HIPAA enforcement. On Tuesday, the Office for Civil Rights announced its third resolution of a HIPAA breach in as many weeks. In this latest matter, OCR announced that Pagosa Springs Medical...more
Last week, the Office for Civil Rights (OCR) announced that it had reached a settlement with a contract physician group based in Florida to resolve potential HIPAA violations relating to the sharing of protected health...more
Another government settlement demonstrates that not having a HIPAA compliance program can be costly. U.S. Department of Health and Human Services (HHS)'s Office for Civil Rights (OCR) announced, on Dec. 4, 2018, that Advanced...more
On October 15, 2018, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that Anthem, Inc. (Anthem) agreed to pay $16 million to settle allegations relating to HIPAA violations...more
In This Issue. The Office of the Comptroller of the Currency (OCC) released its annual supervision operating plan outlining its bank supervision priorities, issued an updated Truth in Lending Act booklet, and provided...more
Earlier this week, I moderated a panel discussion at an event hosted by the New York chapter of the Health Information and Management Systems Society (HIMSS). The panel was comprised of private sector health information...more
On January 4, 2018, the National Health Information Sharing and Analysis Center (NH-ISAC) posted an announcement regarding the cybersecurity threats Meltdown and Spectre that were recently identified....more
With respect to enforcement, the Department of Health and Human Services, Office for Civil Rights (OCR) announced two Settlement Agreements to resolve allegations of HIPAA violations between May and October of 2017. Neither...more
The Situation: Earlier this year, the People's Republic of China enacted its Cybersecurity Law, which granted authorities broad, explicit powers to monitor and investigate activities falling under its purview, along with the...more
While your business may indeed be a “victim” when hit by a phishing attack, your enterprise can also be responsible for violations of law associated with the incident. Earlier this week, the HHS Office for Civil Rights...more
On February 16, 2017, the U.S. Department for Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that Memorial Healthcare Systems of Florida (“MHS”) agreed to pay $5.5 million and enter into a...more
On January 9, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) took action against a health system for non-timely reporting of a breach of protected health information. It was the first...more
On October 18, 2016, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that St. Joseph Health (SJH) agreed to settle allegations relating to the HIPAA Privacy and Security Rules,...more
On October 18, 2016, the Department of Health and Human Services, Office of Civil Rights (“OCR”) announced a $2.14 million settlement with St. Joseph Health (“St. Joseph”), a non-profit integrated Catholic healthcare delivery...more
This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more
The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more