New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Navigating the Labyrinth of Private Equity Investments in Health Care – Diagnosing Health Care
HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Hospice Insights Podcast - A Refresh: What’s New in the New OIG General Compliance Program Guidance
The Presumption of Innocence Podcast: Special Edition | Episode 36 - Rolling Change: The DEA Turns Over a New Leaf on Marijuana Scheduling
Understanding the HHS OIG’s General Compliance Program Guidance
OMG. . .The OIG is at it Again
The FTC's Health Privacy Enforcement Actions
Medical Device Legal News with Sam Bernstein: Episode 19
Episode 303 --- Deep Dive into the HHS-OIG Compliance Program Guidance
Counsel That Cares - The Private Payer's Perspective on Value-Based Care
Medical Device Legal News with Sam Bernstein: Episode 17
Podcast - Data Privacy and Tracking Technology Compliance
Podcast - A Conversation on Cannabis: Are Challenges or Changes Coming?
Heed Caution: Takeaways From the OIG's Advance Care Planning Report
2023 Human Resources Outlook Podcast Series: EMEA
Telehealth Risk Report: What the Government Found
UPIC Report Card: The OIG’s Evaluation of the UPICs Provides Insight Into the Future of Hospice Audits
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Shortly after our prior blog post discussing the need for healthcare entities to shore up protections against phishing attacks, the Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI)...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
CYBERSECURITY - Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks - The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving...more
Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...more
The number of large data breaches, those involving 500 or more people, exposing protected health information has increased exponentially in the last few years, and ransomware and hacking are the primary cyber threats in...more
The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more
According to the Theft Resource Center and its 2022 data breach reports, data privacy and security threats are impacting all aspects of the healthcare industry – from providers to payers to medical device companies to...more
New York Gov Kathy Hochul is touting her proposed statewide cybersecurity regulations for hospitals and health systems as “nation-leading,” and, if approved, those entities will have until February 2025 to comply with the new...more
On July 20, 2023, the Federal Trade Commission (“FTC”) and the Office for Civil Rights of the United States Department of Health and Human Services (“OCR”) announced that they had sent a warning letter to about 130 hospital...more
Health and Human Services (HHS) has released a report that details findings about the state of hospital cyber systems across the United States. In connection with a recent Ponemon Institute report on the cost and impact on...more
On February 17, 2023, the US Department of Health and Human Services Office for Civil Rights (OCR) released two companion reports to Congress detailing its actions in 2021 to enforce the privacy, security, and breach...more
Statistics show that cybercrime increases significantly during the holiday season. Threat actors anticipate that workers are distracted and more likely to fall victim to a phishing email scam than any other time of the year....more
General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health...more
Report on Patient Privacy 22, no. 9 (September, 2022) - More than 92% of patients believe privacy is a right and their health data should not be available for purchase, according to a survey from the American Medical...more
Report on Patient Privacy 22, no. 3 (March, 2022) - HHS said in early March that it was not aware of any specific threat to U.S. health care organizations stemming from the Russian invasion of Ukraine. “However, in the...more
Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
The U.S. Department of Health and Human Service’s Office for Civil Rights in Action (OCR) issued a warning that cybercriminals are attempting to exploit a critical vulnerability in VMware software. This alert originates from...more
Selected Developments in U.S. Law - Fifth Circuit Decision Raises Cyber Enforcement Complications for the U.S. Department of Health and Human Services As the Biden Administration begins detailing its regulatory and...more
Compliance Today (January 2021) - The newly created Cybersecurity and Infrastructure Security Agency issued a joint alert with the Federal Bureau of Investigation and the U.S. Department of Health & Human Services regarding...more
CISA, FBI, & HHS Warn of Ransomware Activity Targeting the Healthcare Sector - On October 28, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of...more
On October 28, 2020, a coalition of US government entities consisting of the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services...more
As hospitals and healthcare providers/systems (collectively, “Healthcare Providers”) across the nation have been reacting to spiking COVID-19 cases, an increased, imminent cybercrime threat targeting Healthcare Providers has...more