While some of the legal requirements on your organization can seem overly burdensome, there are times when legal requirements also align nicely with what makes good business sense. Risk assessments in the healthcare industry...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
We expect 2018 to be another year of rapid change within the health care industry. In this episode, Mary Beth Johnston highlights some of the key topics that the health care practice group will monitor in the coming year,...more
Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more
Although it is not a new requirement, it is important and therefore worth a reminder: HIPAA requires covered entities to establish and implement written policies and procedures that are consistent with its Privacy and...more
On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels”...more
The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has posted an alert (and a follow-up alert) warning health plans, health care providers, and their vendors of a mock communication...more
Covered Entities and Business Associates may be ringing in the New Year with the prospect of responding to on-site HIPAA audits by federal regulators. The U.S. Department of Health and Human Services Office for Civil Rights...more
The Office of Civil Rights (OCR) recently uploaded two items of interest: information regarding the largest penalty to date against a single entity, Advocate Health Care Network (Advocate), and HIPAA Phase II Desk Audit...more
Federal regulators announced last week that Illinois’ largest hospital chain would pay $5.5 million, a record payment under the Health Insurance Portability and Accountability Act (HIPAA), in connection with three 2013 data...more
Despite the fact that Business Associates have been directly subject to and liable under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (HIPAA) since February 18, 2010 the...more
The Office of Civil Rights (OCR) of the Department of Health and Human Services has moved forward with Phase 2 of its Health Insurance Portability and Accountability Act of 1996 (HIPAA) audit program. On Monday, July 11,...more
Featuring Iliana L. Peters, J.D., LL.M., Senior Advisor for HIPAA Compliance and Enforcement at the HHS Office for Civil Rights, and Members of Williams Mullen’s Health Care Practice...more
Our predictions that the Office for Civil Rights (OCR) will become more aggressive with audits, investigations, and fines against HIPAA business associates has come true. On June 24, 2016, the OCR announced that it has...more
On March 21, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”), announced the launch of the 2016 Phase 2 Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Audit...more
In an effort to review and examine compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), the Department of Health and Human Services Office for Civil...more
Recent settlements and initiatives conducted by the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services highlight the continuing need for focus on compliance with the privacy and security...more
On March 21, 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced the launch of the long-awaited Phase 2 HIPAA Audit Program (Phase 2), and OCR activities related to Phase 2 are already...more
The recently announced OCR HIPAA audits are not a cause for panic, according to experts, especially of organizations have proper documentation. With the most recent round of OCR HIPAA audits announced just last month,...more
The Office for Civil Rights (OCR) has issued its revamped audit protocol for its second phase of auditing covered entities and business associates’ compliance with the HIPAA Privacy, Security and Breach Notification Rules....more
The Office of Civil Rights (OCR) of the Department of Health and Human Services has begun Phase 2 of its audit program under the Health Insurance Portability and Accountability Act (HIPAA). In this phase, OCR will: -...more
Just in time for the Phase 2 audits, the Department of Health and Human Services Office for Civil Rights (OCR) quietly posted the updated HIPAA Audit Protocol on its website. The new audit protocol has been updated to include...more
The OCR recently announced the beginning of the next phase of the HIPAA Privacy, Security, and Breach Notification Audit Program and indicated that it will review the policies and procedures implemented by covered entities...more