Updates to Statute 1557 that Healthcare Providers Need to Know
Privacy and Healthcare Business Associates with Isabella Porter
State Law Privacy Video Series | Healthcare Entities and Health Data
Gerry Blass on Healthcare Vendor Risk Management
AGG Talks: Technology - In the Balance: Interoperability and Security
Is Your Practice's Marketing HIPAA Compliant?
Relaxed HIPAA Restrictions For Providers Using Telehealth
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
Polsinelli Podcasts - Confusion to Clarity on the Future of the 340B Program
Polsinelli Podcast - HIPAA Changes Overview
Attestations are at the heart of permissible disclosures under the HHS Office for Civil Rights’ (OCR) new reproductive health privacy rule—and OCR wants covered entities (CEs) and business associates (BA) to use them now. The...more
On May 31, 2024, more than four months after the February 2024 Change Healthcare ransomware attack, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) updated its Change Healthcare FAQs. ...more
After months of uncertainty and multiple letters from industry associations advocating on behalf of the healthcare industry with the U.S. Department of Health and Human Service (HHS) Office for Civil Rights (OCR), covered...more
The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more
On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification...more
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more
On Feb. 16, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published its 2022 Annual Report to Congress. ...more
March 1, 2022, is the date by which HIPAA-covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of "small" breaches of unsecured protected health information that were...more
The Federal Trade Commission (FTC) adopted a policy statement on Sept. 15, 2021, emphasizing that developers of digital health apps, connected devices and other health products have obligations under the Health Breach...more
As the COVID-19 pandemic in the United States is easing, telemedicine is facing an important crossroads. While telehealth services have demonstrated their value as an integral part of care delivery, federal and state waivers...more
March 1, 2021, is the due date for HIPAA-covered entities to notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) about "small" breaches of unsecured protected health information discovered...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
The worldwide COVID-19 pandemic visited on America in the past several months has quickly reinvigorated the foundational and important debate concerning where, in a free society, individual autonomy ends (or should end) and...more
One health system recently learned the cost of relying too heavily on the HIPAA Breach Notification Rule’s “low probability of compromise” standard when it failed to notify all affected individuals and report the HIPAA breach...more
The HHS Office for Civil Rights (OCR) released a new guidance document regarding which HIPAA violations business associates (BAs) can and cannot be held directly liable for. In the guidance, OCR states that BAs can be held...more
On May 24, 2019, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), released a new fact sheet describing 10 ways in which a “business associate” can be liable under HIPAA. ...more
The CMS Division of National Standards, on behalf of HHS, is launching the Compliance Review Program (the “Program”) to ensure compliance among covered entities with HIPAA Administrative Simplification rules for electronic...more
When you think about reporting a healthcare data breach to authorities, family-owned furniture manufacturers nestled in the serenity of North Carolina aren’t exactly at the top of the list....more
The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more
From the recent headline-grabbing attacks on hospitals and municipalities, the specter of cybersecurity threats looms large. As a result, spending on cybersecurity initiatives is expected to reach $96 billion this year....more
The Health Insurance Portability and Accountability Act ("HIPAA") Privacy Rule attempts to strike a balance between the protection of a patient's privacy and the performance of important law enforcement functions. This...more
Healthcare providers, health plans and healthcare clearinghouses (“covered entities”) and business associates are subject to significant penalties for violations of the HIPAA Privacy, Security and Breach Notification Rules....more
Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more
Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more
March 1, 2017 is the date by which HIPAA covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were...more