News & Analysis as of

Protected Health Information Hackers Department of Health and Human Services (HHS)

ArentFox Schiff

Key Takeaways from OCR’s CY22 HIPAA Reports to Congress

ArentFox Schiff on

On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification...more

Ankura

OCR Settlement of HIPAA Violation of Business Associate

Ankura on

On May 16, 2023, the U.S. Department of Health and Human Services (DHHS) through the Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act...more

Console and Associates, P.C.

Mount Desert Island Hospital Notifies 24,180 of Data Breach Involving Leaked Social Security Numbers

On June 30, 2023, Mount Desert Island Hospital (“MDIH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had gained...more

ArentFox Schiff

Key Takeaways from OCR’s Latest Annual HIPAA Reports to Congress

ArentFox Schiff on

On February 17, 2023, the US Department of Health and Human Services Office for Civil Rights (OCR) released two companion reports to Congress detailing its actions in 2021 to enforce the privacy, security, and breach...more

Health Care Compliance Association (HCCA)

Report on Research Compliance Volume 20, Number 3. In This Month's E-News: March 2023

Report on Research Compliance Volume 20, Number 3. February 23, 2023 - The Office of Management and Budget (OMB) is planning to revise the Uniform Administrative Requirements, Cost Principles, and Audit Requirements for...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 22, Number 6. Privacy Briefs: June 2022

Report on Patient Privacy 22, no. 6 (June, 2022) - A report from the HHS Health Sector Cybersecurity Coordination Center (HC3) found that in early 2022, ransomware groups increasingly turned to legitimate software during...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 22, Number 3. Privacy Briefs: March 2022

Report on Patient Privacy 22, no. 3 (March, 2022) - HHS said in early March that it was not aware of any specific threat to U.S. health care organizations stemming from the Russian invasion of Ukraine. “However, in the...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 22, Number 2. Privacy Briefs: February 2022

Report on Patient Privacy 22, no. 2 (February, 2022) - Tensions between the U.S. and Russia could lead to a heightened risk of Russian state-sponsored cyberattacks on U.S. interests, including health care organizations,...more

Health Care Compliance Association (HCCA)

2022 Outlook: More Dangerous Ransomware Coupled With Inadequate Security Practices

Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more

Robinson+Cole Data Privacy + Security Insider

HHS Issues Update to Ransomware Threat Alert to Health Care Sector

The Department of Health and Human Services’ (HHS) Division of Critical Infrastructure Protection (CIP) issued a health care and public health sector notification this week entitled “Ransomware Activity Targeting the...more

Health Care Compliance Association (HCCA)

Report on Patient Privacy Volume 20, Number 11. Privacy Briefs: November 2020

Report on Patient Privacy 20, no. 11 (November 2020) - HHS Office of the National Coordinator (ONC) for Health Information Technology (ONC) is giving health care organizations more time to meet new rules on information...more

Health Care Compliance Association (HCCA)

Settlement Involves 'Dark Overlord' Hack, Tip by Breach-Tracking Journalist

Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - March 2020 #3

Robinson & Cole LLP on

HHS Targeted by Nation-State Hackers - Evil doers know that the best time to attack is during a crisis or a time of vulnerability. As the United States, and specifically, the Department of Health and Human Services (HHS)...more

Robinson+Cole Data Privacy + Security Insider

Over 30 Data Breach Incidents in Health Care Reported to HHS Thus Far in 2020, Affecting Over 1 Million Individuals

Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), over 30 reports of data breaches have been filed by health care...more

Robinson+Cole Health Law Diagnosis

Texas Health and Human Services Fined $1.6 Million for HIPAA Violations

The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more

Robinson+Cole Data Privacy + Security Insider

HHS Increases Civil Monetary Penalties under HIPAA

In accordance with the Inflation Adjustment Act, the Department of Health and Human Services (HHS) has updated its regulations to reflect required annual inflation-related increases to civil monetary penalties, including...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - October 2019 #4

Robinson & Cole LLP on

Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities in order to listen to users’ every word to...more

Faegre Drinker Biddle & Reath LLP

Business Associate Failed to Safeguard 3.5 Million Patients’ Medical Records

Medical Informatics Engineering, Inc. and its wholly-owned subsidiaries (MIE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS-OCR) entered into a $100,000 settlement and two-year...more

Saul Ewing LLP

Hacked Business Associate Agrees to Pay $100,000 as Part of HIPAA Settlement

Saul Ewing LLP on

On May 23, 2019, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced that Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to settle alleged HIPAA violations that...more

Holland & Knight LLP

Impact of the New Health Industry Cybersecurity Practices: 2019 Outlook

Holland & Knight LLP on

• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more

Bricker Graydon LLP

HHS releases voluntary cybersecurity guidance for health care organizations

Bricker Graydon LLP on

The Department of Health and Human Services (HHS) estimates that U.S. health care systems lost around $6.2 billion in 2016 due to data breaches. Congress and HHS have recently taken affirmative steps towards reducing that...more

Robinson+Cole Health Law Diagnosis

HHS Issues Cybersecurity Practices for Health Care Industry

Just before the new year, the Department of Health and Human Resources (HHS) released voluntary cybersecurity practices for health care organizations, which consists of a main document, two technical volumes, and resources...more

Robinson+Cole Data Privacy + Security Insider

HHS Issues Cybersecurity Practices for Healthcare Industry

Just before the new year, the Department of Health and Human Resources (HHS) released voluntary cybersecurity practices for healthcare organizations, which consists of a main document, two technical volumes, and resources and...more

Holland & Hart - Health Law Blog

Handling HIPAA Breaches: Investigating, Mitigating and Reporting

HIPAA privacy and security violations can result in fines of $110 to $55,100 to covered entities (including healthcare providers and health plans) and their business associates. (45 CFR 160.404). If the violation resulted...more

Cozen O'Connor

Anthem Agrees To Record Data Breach Settlement

Cozen O'Connor on

In the wake of the largest U.S. health care data breach in history, Anthem, Inc., has agreed to pay $16 million to the Office for Civil Rights, which is a record settlement for alleged HIPAA violations. According to the...more

36 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide