HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more
Welcome to our seventh issue of The Health Record - our healthcare law insights e-newsletter. This will be our final issue of 2024. When we started this publication earlier this year, our goal was to provide our clients,...more
What is OCR saying these days about Title VI, and how are the courts approaching Title VI litigation? Join Bricker Graydon Higher Education attorneys for a free webinar on the latest updates in Title VI litigation and OCR...more
On October 31, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) embraced the end of Spooky Season by announcing two more ransomware-related enforcement actions. ...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Covered entities (CEs) and business associates (BAs) may receive a “discount” for having recognized security practices (RSPs) in place when the HHS Office for Civil Rights (OCR) calculates financial penalties for Security...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more
On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more
Because of pervasive misunderstanding of the Health Insurance Portability and Accountability Act (HIPAA), providers all too frequently create impermissible barriers to patient access to medical records. In many cases, such...more
Regulatory action and class action lawsuits related to pixels and other website technologies continued to surge in 2023 and 2024, particularly in the healthcare industry....more
On April 22, 2024, the Office of Civil Rights issued a Final Rule titled HIPAA Privacy Rule to Support Reproductive Health Care Privacy (2024 Final Privacy Rule). Originally Published by the American Bar Association....more
A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more
Our Health Care and Privacy, Cyber & Data Strategy Groups cover an upcoming proposed rule from U.S. Health and Human Services (HHS) that would formalize cybersecurity requirements and allow the Office for Civil Rights (OCR)...more
President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more
On April 22, 2024, the Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued a Final Rule titled HIPAA Privacy Rule to Support Reproductive Health Care Privacy (Final Rule)....more
On October 21, 2024, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil monetary penalty (“CMP”) of $70,000 against a solo dental practice that provides family dental...more
Ransomware attacks are a growing threat in the health care sector due to the value of personal health information (PHI). In addition to being expensive, these attacks can cripple health care operations, delay patient care,...more
The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) published its final rules implementing the anti-discrimination provisions under Section 1557 of the Affordable Care Act (“Final Rule”) on May...more
Before this year, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) resolved 70 breach investigations from which fines or civil monetary penalties were secured. Of those investigations, only...more
In October 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced the imposition of a civil monetary payment against Providence Medical Institute (“PMI”), a large medical...more
In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more
In the spirit of National Cybersecurity Awareness Month, the Office of Civil Rights (“OCR”) released a new video on October 17, 2024, to promote awareness on ransomware trends in the healthcare industry and how HIPAA subject...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more