News & Analysis as of

Risk Management Health Insurance Portability and Accountability Act (HIPAA)

Purpose Legal

Top AI-Related Concerns in eDiscovery—And How to Address Them

Purpose Legal on

As a Vice President of Regional Sales at Purpose Legal, I spend a lot of time speaking with legal teams about their biggest concerns when it comes to AI in eDiscovery. Whether I’m meeting with corporate legal departments, law...more

Arnall Golden Gregory LLP

OCR Announces Fifth Settlement Under Its Risk Analysis Initiative

Background - On March 21, 2025, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced a settlement with Health Fitness Corporation (“Health Fitness”), a company that provides wellness...more

U.S. Legal Support

Security Best Practices for Remote Depositions in the Digital Age

U.S. Legal Support on

Trial outcomes often hinge on witness testimony. Attorneys collect much of this testimony during a formal process called a deposition. A critical component of discovery, depositions traditionally occur in law offices or...more

Warner Norcross + Judd

OCR Enforcement Intensifies: Key Takeaways on Risk Analysis and Right of Access

Warner Norcross + Judd on

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has renewed its focus on two critical areas of HIPAA compliance: risk analysis and individual right of access. These enforcement...more

MoFo Life Sciences

AI Agent as a Service in Medtech: Key Considerations for Commercial Contracts

MoFo Life Sciences on

Artificial intelligence (AI) is transforming the medical technology (“medtech”) and healthcare industries through the integration of advanced AI agents. Unlike traditional AI systems that perform discrete, predefined tasks,...more

Lasher Holzapfel Sperry & Ebberson PLLC

Estate Planning for Young Adult Children

The job of parenting can be consuming with the drive to protect children in all circumstances, including the unthinkable. However, the topic of estate planning for children still looms large on the mind of most parents....more

Foley Hoag LLP - Security, Privacy and the...

HHS OCR Settles HIPAA Security Rule Investigation with Health Fitness Corporation

On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more

Jackson Lewis P.C.

Health Fitness, OCR’s Risk Analysis Initiative, and the ERISA Fiduciary Duty to Select Plan Service Providers

Jackson Lewis P.C. on

On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more

Smith Anderson

Healthcare Cyberattacks Are on the Rise: Steps to Safeguard Your Organization

Smith Anderson on

Cyberattacks remain one of the most serious threats facing the healthcare industry. Healthcare providers and their vendors handle sensitive and valuable health data, making them prime targets for cybercriminals....more

Burr & Forman

Time for Spring Cleaning – Is Your HIPAA House Ready?

Burr & Forman on

When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more

Gardner Law

Recent Enforcement Reminds Companies: Assess HIPAA Compliance

Gardner Law on

A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Basic Compliance Academy - March 24th - 27th, Chicago, IL

Ideal for practitioners who want to build strong foundational knowledge of compliance program management in a healthcare setting and how to apply that knowledge in practice. Attendees will come away better prepared to...more

Clark Hill PLC

Right To Know - March 2025, Vol. 27

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Robinson+Cole Data Privacy + Security Insider

Warby Parker Settles Data Breach Case with OCR for $1.5M

Eyeglass manufacturer and retailer Warby Parker recently settled a 2018 data breach investigation by the Office for Civil Rights (OCR) for $1.5 million. According to OCR’s press release, Warby Parker self-reported that...more

BCLP

Cyber - More Than Just Breach Response

BCLP on

The vast majority of commentary and public advice concerning data breaches surround, deservedly, the breach itself. This focus is only natural; it is the breach itself that requires victims to bring enormous resources to bear...more

Bradley Arant Boult Cummings LLP

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes

In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the...more

Shook, Hardy & Bacon L.L.P.

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Morgan Lewis - ML Benefits

Tobacco Surcharge Lawsuits: Considerations for Plan Sponsors

A growing number of class action lawsuits have been filed against employer-sponsored self-insured group health plans alleging that tobacco cessation wellness programs violate key provisions of the Employee Retirement Income...more

Mintz - Privacy & Cybersecurity Viewpoints

Latest Installment of our Mintz Matrix!

Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more

Benesch

OCR Proposes Modification to HIPAA Security Rule

Benesch on

In late December 2024, the Office of Civil Rights at the U.S. Department of Health and Human Services (“OCR”) issued a notice of proposed rulemaking to modify the Security Standards to the Protection of Electronic Protected...more

Bradley Arant Boult Cummings LLP

The Why Behind the HHS Proposed Security Rule Updates

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the justifications...more

Saul Ewing LLP

Seeing is Believing: A Civil Money Penalty With Warby Parker Following Cybersecurity Incident

Saul Ewing LLP on

On February 20, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1.5 million civil money penalty (CMP) against Warby Parker, Inc. (WP). WP is a manufacturer and online...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Bradley Arant Boult Cummings LLP

HHS’s Proposed Security Rule Updates Will Require Adjustments to Accommodate Modern Vulnerability and Incident Response Issues

In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more

Polsinelli

CISA and FDA Sound Alarm on Backdoor Cybersecurity Threat with Patient Monitoring Devices

Polsinelli on

Last week, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) and the U.S. Food and Drug Administration (“FDA”) released warnings about an embedded function they found in the firmware of the Contec CMS8000,...more

369 Results
 / 
View per page
Page: of 15

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide