New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Discussing Information Blocking with Eddie Williams
Expanded Information Block Rules Go into Effect
HIPPA: Privacy & Security and Potential Rule Changes
Compliance Perspectives: Privacy Investigations in a Virtual World
Tech Podcast: Interview With Innovative Health Care Tech Company Rymedi
Effectively Marketing Your Medical and Dental Practice While Staying Legally Compliant
Compliance Perspectives: The Ethics of Data
Compliance Perspective: What's New in Healthcare Privacy
Protecting Patient Medical Records
Exploring Digitization of Health and Medical Data and Records Part One
23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more
In light of the changing legal landscape following Dobbs v. Jackson Women’s Health Organization, the Department of Health and Human Services (the “Department”) issued a final rule (link, and corresponding fact sheet link)...more
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
This year, the federal government has made significant changes to longstanding health care privacy rules, while state lawmakers continue to enact privacy restrictions on consumer health data. These reforms modify legal...more
In March of this year, The Office for Civil Rights of the Department of Health and Human Services issued a letter addressing the recent cybersecurity incident impacting many health care entities, primarily Change Healthcare,...more
The number of data breaches affecting health care providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to a report from cybersecurity firm Critical Insight. Total...more
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,” which provides “tips on what organizations can do to prepare to deliver safe patient care in the...more
In an age where digital connectivity is rapidly advancing, cybersecurity has become an inescapable concern for organizations across industries. With cyber threats ranging from data breaches to ransomware attacks, it is...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
Report on Patient Privacy 22, no. 6 (June, 2022) - A report from the HHS Health Sector Cybersecurity Coordination Center (HC3) found that in early 2022, ransomware groups increasingly turned to legitimate software during...more
Report on Patient Privacy 22, no. 3 (March, 2022) - HHS said in early March that it was not aware of any specific threat to U.S. health care organizations stemming from the Russian invasion of Ukraine. “However, in the...more
HIPAA-covered entities should note the quickly approaching March 1, 2022 deadline for reporting breaches of unsecured protected health information that occurred in 2021 and involved fewer than 500 individuals. This article...more
The surge in new health apps and connected devices, which only increased during the pandemic, continues to raise many legal and ethical questions. As a result, lawmakers have been scrambling to define the obligations...more
Report on Patient Privacy 21 no. 9 (September, 2021) - DuPage Medical Group in Chicago said that the personal information of more than 600,000 patients may have been compromised in a July cyberattack. The medical group,...more
Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more
Report on Patient Privacy 18, no. 1 (January 2021) - The HHS Office for Civil Rights (OCR) settled its 13th enforcement action in its Right of Access Initiative, first announced in 2019 to support individuals’ rights to...more
Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition. https://www.hcca-info.org/health-care-privacy-handbook To learn what’s new in the book and in healthcare privacy...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
There are myriad opportunities for hospitals and health systems (HHSs) to engage in data-focused collaborations with other stakeholders in the healthcare industry. These collaborations include, to an increasing extent,...more
The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more
Twelve state attorneys general have brought suit against two medical Information Technology companies. The AGs allege that the companies, Medical Informatics Engineering Inc. and its subsidiary, NoMoreClipboard LLC, had poor...more
On June 18, 2018, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that an HHS Administrative Law Judge (“ALJ”) granted summary judgment to OCR in an enforcement action...more
Artificial Intelligence (AI) systems, including the use of algorithms and computer software to analyze complex data and perform certain decision making functions without direct human involvement, are rapidly developing in...more
Recent experiences of major health care companies offer a reminder of the importance of data security and following a well-written policy for compliance with the HIPAA Privacy Rule....more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more