Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
Compliance Perspective: What's New in Healthcare Privacy
During the first half of this webinar, Jen Mitchell, Bryan Murray and Laura Fryan, will focus on practical tips and pointers on avoiding a HIPAA breach and what lessons you can take away from the Change Healthcare breach. ...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
In March of this year, The Office for Civil Rights of the Department of Health and Human Services issued a letter addressing the recent cybersecurity incident impacting many health care entities, primarily Change Healthcare,...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
Data Breaches risk legal consequences—both from state and federal governments and consumers, as well as reputational harm. Last month, MCNA—a dental benefit provider—provided notice of a data breach that exposed the...more
GoodRx Faces Million Dollar Proposed Penalty from FTC in First Enforcement Action Under the Health Breach Notification Rule - Settlement reveals views on application of unfairness authority to sharing of sensitive...more
General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more
HIPAA-covered entities should note the quickly approaching March 1, 2022 deadline for reporting breaches of unsecured protected health information that occurred in 2021 and involved fewer than 500 individuals. This article...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
Health care technology has seen an incredible amount of change over the past twelve months. As health care providers and entities continue to provide patient care in unprecedented times, it is becoming increasingly important...more
Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition. https://www.hcca-info.org/health-care-privacy-handbook To learn what’s new in the book and in healthcare privacy...more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks as the company races to deploy its COVID-19...more
Report on Patient Privacy 20, no. 11 (November 2020) - In her 14-plus years of investigating and blogging about hacking and breaches, “Dissent” has been yelled at, threatened with lawsuits and accused of being a criminal....more
Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more
Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services imposed a $1.6 million civil money penalty (CMP) against the Texas Health and Human Services Commission, Department of Aging and Disability...more
Ohio Attorney General Dave Yost recently announced a multistate settlement that will require health insurance company Premera Blue Cross to pay $10 million following a breach of protected health information (PHI). According...more
Following an investigation led by the Washington Attorney General, Premera Blue Cross has agreed to pay $10 million to 30 states after experiencing a data breach in 2014 that compromised the Protected Health Information of...more
Medical Informatics Engineering, Inc. and its wholly-owned subsidiaries (MIE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS-OCR) entered into a $100,000 settlement and two-year...more
Twelve state attorneys general have brought suit against two medical Information Technology companies. The AGs allege that the companies, Medical Informatics Engineering Inc. and its subsidiary, NoMoreClipboard LLC, had poor...more
Recent experiences of major health care companies offer a reminder of the importance of data security and following a well-written policy for compliance with the HIPAA Privacy Rule....more
The United States Attorney’s Office for the District of Massachusetts recently announced that three former district managers of the pharmaceutical firm Warner Chilcott have been sentenced for violating the Health Insurance...more