New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Hybrid Workforces and Compliance with Sheila Limmroth
HIPPA: Privacy & Security and Potential Rule Changes
In light of the changing legal landscape following Dobbs v. Jackson Women’s Health Organization, the Department of Health and Human Services (the “Department”) issued a final rule (link, and corresponding fact sheet link)...more
On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health...more
Happy Holidays! The December Monthly Minute includes a fiduciary checkup reminder and a look at HHS’ recent settlement stemming from a phishing attack that impacted ePHI of nearly 35,000 individuals....more
On October 18, 2023, the Office for Civil Rights (OCR) of the US Department of Health and Human Services (HHS) issued two resource documents to help explain the privacy and security risks to patients’ protected health...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
March was a busy month for data privacy and security, especially as it relates to health care entities. To help keep you up to date with the changes, we’ve included a few highlights for you below... ...more
On February 9, 2022, US Senators Bill Cassidy, M.D. (R-LA) and Tammy Baldwin (D-WI) introduced bipartisan legislation designed to modernize health privacy laws, including the Health Insurance Portability and Accountability...more
Imagine if a doctor could diagnose and treat an illness immediately after a quick non-invasive scan of your whole body. Does this sound like something out of the science fiction TV show Star Trek? ...more
On June 9, 2021, OCR distributed an update to those on its Privacy List sharing links to alerts and resources for addressing the growing number and size of ransomware incidents. One such resource included a White House memo...more
In December 2020, the Department of Health and Human Services (HHS) announced proposed major revisions to the HIPAA Privacy Rule, which would be the first significant changes to the Privacy Rule since the 2013 Omnibus Rule. ...more
On December 10, 2020, the Department of Health and Human Services (HHS) announced proposed revisions to the HIPAA Privacy Rule that would significantly impact the day-to-day operations of HIPAA covered entities. In this...more
On December 17, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its Industry Report on the HIPAA audits it conducted in 2016 and 2017. OCR found widespread noncompliance with...more
Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), the agency enforcing the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach...more
The Office of Civil Rights of the U.S. Department of Health and Human Services has issued guidance clarifying how HIPAA’s Privacy Rule permits covered entities (in particular, health care providers and health plans) or their...more
Partner Reece Hirsch recently attended and spoke at the 2020 Health Datapalooza held in Washington, DC. This year, Health Datapalooza was co-located with the National Health Policy Conference, providing attendees with an...more
School leaders are often understandably confused as to which law applies to health- or medical-related records in schools: The Family Educational Rights and Privacy Act (FERPA) or the Health Insurance Portability and...more
Business associates may want to use a covered entity’s protected health information (“PHI”) for the business associates’ own purposes, e.g., for their own product development, data aggregation, marketing, etc. However, with...more
Recent experiences of major health care companies offer a reminder of the importance of data security and following a well-written policy for compliance with the HIPAA Privacy Rule....more