Updates to Statute 1557 that Healthcare Providers Need to Know
Privacy and Healthcare Business Associates with Isabella Porter
State Law Privacy Video Series | Healthcare Entities and Health Data
Gerry Blass on Healthcare Vendor Risk Management
AGG Talks: Technology - In the Balance: Interoperability and Security
Is Your Practice's Marketing HIPAA Compliant?
Relaxed HIPAA Restrictions For Providers Using Telehealth
Compliance Perspectives: Permissible Disclosures under HIPAA, Especially in the Time of COVID-19
Polsinelli Podcasts - Confusion to Clarity on the Future of the 340B Program
Polsinelli Podcast - HIPAA Changes Overview
On June 20, 2024, a U.S. federal district court held, in a suit brought by Jones Day, that the Department of Health and Human Services ("HHS") had misapplied the Health Insurance Portability and Accountability Act ("HIPAA")...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued guidance regarding covered entities’ and business associates’ use of tracking technologies (the Guidance). As discussed in greater detail...more
On December 1, 2022, the Centers for Medicare and Medicaid Services’ Office of Civil Rights (OCR) issued new guidance to covered entities and business associates regarding website and application user data tracking and how...more
Covered Entities and Business Associates must comply with HIPAA in their use of online tracking technologies, including cookies, pixels or similar code. The U.S. Department of Health and Human Services (HHS), Office for Civil...more
In June 2022, the HHS Office for Civil Rights issued new HIPAA Privacy Rule Guidance in response to the Supreme Court’s decision in Dobbs v Jackson Women’s Health Organization and state legislation which followed the decision...more
Following the Supreme Court’s ruling overturning Roe v. Wade in Dobbs v. Jackson Women’s Health Organization, the Biden Administration has outlined a framework for federal executive action designed to protect access to...more
Many states have enacted or revived statutes limiting or barring access to abortion in the wake of the Supreme Court of the United States’ ruling in Dobbs v. Jackson Women’s Health Organization and further legislative or...more
On June 29, in response to the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, the U.S. Department of Health & Human Services Office for Civil Rights (HHS OCR) issued guidance on when entities...more
The Office of Civil Rights (“OCR”), which is the federal agency that enforces the health care privacy rules under the Health Insurance Portability and Accountability Act (“HIPAA”), recently published guidance covering various...more
The United States Department of Health and Human Services Office for Civil Rights (OCR) recently issued updated guidance on contacting former COVID-19 patients about blood plasma donation in light of the privacy protections...more
As a result of the novel Coronavirus pandemic, the Office for Civil Rights (OCR) recently issued several pieces of guidance to help HIPAA covered entities and their business associates to best address how patient information...more
School leaders are often understandably confused as to which law applies to health- or medical-related records in schools: The Family Educational Rights and Privacy Act (FERPA) or the Health Insurance Portability and...more
On February 3, 2020, the U.S. Department of Health and Human Services (HHS) issued a bulletin (the Bulletin) to remind covered entities and business associates of how patient information may be shared under HIPAA in the event...more
The HHS Office for Civil Rights (OCR) released a new guidance document regarding which HIPAA violations business associates (BAs) can and cannot be held directly liable for. In the guidance, OCR states that BAs can be held...more
The U.S. Department of Health and Human Services (HHS) recently issued a newsletter providing guidance on the proper decommission and disposal of electronic devices and media containing sensitive information, such as...more
The FBI has issued new guidance specifically applicable to medical and dental facilities regarding the cybersecurity risk of File Transfer Protocol (“FTP”) servers operating in “anonymous” mode. FTPs are routinely used to...more
HHS recently posted guidance on its website addressing HIPAA’s approach to cloud computing. Basically, any time a cloud service provider has electronic protected health information (ePHI), it’s a business associate. This is...more
On October 7, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance. As discussed below,...more
On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (OCR) released HIPAA guidance on cloud computing (Guidance). The Guidance is intended to help covered entities and business associates...more
The Office of Civil Rights (“OCR”) has issued new guidance in connection with an increase of malicious cyberattacks, namely ransomware attacks on healthcare organization’s computer systems. Ransomware is a defined by HHS as a...more
Ransomware attacks at hospitals and other healthcare facilities have dramatically increased over the last several years, putting healthcare providers in the uncomfortable position of having to consider paying thousands of...more
The US Department of Health and Human Services (HHS) has recently issued guidance under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and...more
One of the fastest growing areas of cybercrime is ransomware. Ransomware is a type of malicious software that encrypts data and makes it inaccessible to authorized users. The hackers who orchestrate ransomware attacks demand...more
A U.S. government interagency report indicates that there has been a 300 percent increase in the daily ransomware attacks in 2016 as compared to 2015. Ransomware is malicious software that, when introduced into a system,...more
On July 11, 2016, the Office for Civil Rights (OCR) released important new guidance on ransomware for hospitals and other healthcare providers and finally addressed the question of whether electronic protected health...more