New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Health Tech Podcast - Episode 3: HIPAA, HITECH and TCPA
The Biggest Changes in HIPAA/HITECH Omnibus Rule & Recommended Action Steps—Ted Kobus
Newly effective regulations governing confidentiality of Substance Use Disorder (SUD) records now more closely mirror regulations implementing the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and other...more
Editor’s Note: PYA and Foley & Lardner hosted the 6th Annual “Let’s Talk Compliance” two-day Virtual Conference on January 18 and 19, 2024. Panelists included Foley & Lardner attorneys and PYA experts. The event was hosted by...more
On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more
On February 12, 2024, the U.S. Department of Health and Human Services (“HHS”) published a notice in the Federal Register regarding reinstatement of the Health Information Portability and Accountability Act of 1996 (“HIPAA”)...more
Last week, the Department of Health and Human Services (HHS) released a final rule intended to implement a 2020 modification to the federal substance use disorder (SUD) privacy statute. The final rule more closely aligns the...more
The emergence of generative machine learning models, such as ChatGPT, has led to a surge in interest in artificial intelligence (“AI”) over the past year. This increased interest extends to the health care industry, where AI...more
The Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the...more
The U.S. Department of Health and Human Service’s Office of Civil Rights (“OCR”) has announced that several notifications of enforcement discretion issued during the COVID-19 public health emergency (“PHE”) will expire...more
"Rather than reacting, you must be proactive and preventive. By doing this, you will not only be prepared for the potential obstacles that face your company, but you will most likely eliminate obstacles before they appear." ...more
Report on Patient Privacy Volume 22, Number 11. (November 2022) Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced June 10, 2022 that it is producing a video presentation on “recognized security practices” as set forth in the recent amendment of...more
The HHS Office for Civil Rights released, at the end of last year, findings from audits it conducted in 2016 and 2017 of 166 covered entities and 41 business associates. The report represents the periodic audit that the...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. The report confirms the...more
In a scathing report released last Friday, the Department of Health and Human Services Office of the National Coordinator (ONC) accused hospitals and software vendors of preventing the sharing of health information in order...more
The U.S. Federal Trade Commission (FTC) Staff Report titled "Internet of Things: Privacy & Security in a Connected World," released in January 2015, continues to generate interest and questions about the regulation of health...more
The passage of the ARRA HITECH Act in 2009 fostered significant advancements in patient engagement and care coordination by incentivizing primarily physical health providers and acute care hospitals to make smarter use of...more
Last week, the HHS Office of Civil Rights (OCR) released two reports required by the Health Information Technology for Economic and Clinical Health (HITECH) Act: (i) the Annual Report to Congress on Breaches of Unsecured...more
Starting in 2015, eligible physicians and hospitals participating in the Medicare Electronic Health Records Incentive Program who do not adopt "meaningful" use" certified electronic health record (EHR) technology will no...more
The HIPAA Privacy Rule has always provided an individual patient the right to request special, confidential treatment of his or her protected health information (PHI). That right is not absolute, however. Covered entities...more
Ten Years In: Charting the Progress of Health Information Exchange in the U.S. - HITECH: Federal Dollars Spur Adoption and Use: The modern era of HIE-related public policy began in May 2004 with the appointment...more
Under the recently enacted Health Information Technology for Economic and Clinical Health (HITECH) Act, and implementing regulations, the definition of the HIPAA term "Business Associate" has been expanded. A "Business...more
Adult and Pediatric Dermatology (A&P Dermatology) of Concord, Massachusetts has entered into a resolution agreement with the Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance...more
Under the HIPAA Privacy Rule, a Covered Entity is required to revise its notice of privacy practices (“NPP”) where there is a material change to any of its privacy policies. The HIPAA/HITECH Omnibus Final Rule (the “Omnibus...more
Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more