News & Analysis as of

Risk Management Protected Health Information Department of Health and Human Services (HHS)

Ropes & Gray LLP

A Flurry of Healthcare Sector Cybersecurity Regulatory Developments in 2024

Ropes & Gray LLP on

2024 was a record year for cyberattacks in the healthcare sector. According to the Breach Portal maintained by the U.S. Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”), to date this year, there...more

Rivkin Radler LLP

Million Dollar Penalty Imposed on Pain Management Practice Following HIPAA Breach

Rivkin Radler LLP on

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on December 3 that it imposed a $1.19 million penalty on Gulf Coast Pain Consultants, a pain management practice in Florida, following...more

BakerHostetler

6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference

BakerHostetler on

On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more

Williams Mullen

Ransomware Hat Trick: OCR Scores Three Major Enforcement Actions in 2024

Williams Mullen on

Ransomware attacks are a growing threat in the health care sector due to the value of personal health information (PHI). In addition to being expensive, these attacks can cripple health care operations, delay patient care,...more

King & Spalding

OCR Settles Alleged HIPAA Violations for $950,000 Following 2017 Ransomware Attack

King & Spalding on

On July 1, 2024, the HHS Office of Civil Rights (OCR) announced that Pennsylvania-based healthcare system, Heritage Valley Health System (Heritage Valley), has agreed to pay $950,000 to settle potential violations of the...more

Epiq

Healthcare Organizations Can Meet New HHS Cybersecurity Goals with the Help of Tabletop Exercises

Epiq on

In today’s digital age, securing sensitive healthcare data is paramount. With the rise in cyber threats targeting healthcare organizations, the Department of Health and Human Services (HHS) has taken proactive steps to...more

Robinson+Cole Health Law Diagnosis

Forecasting the Integration of AI into Health Care Compliance Programs

Health care entities maintain compliance programs in order to comply with the myriad changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial...more

Benesch

Annual Report to Congress on Breaches of Unsecured Protected Health Information

Benesch on

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more

Health Care Compliance Association (HCCA)

Privacy Briefs: March 2024

Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more

American Conference Institute (ACI)

[Event] 15th Annual Advanced Forum on Managed Care Disputes and Litigation - May 2nd - 3rd, Chicago, IL

ACI’s Advanced Forum on Managed Care Disputes and Litigation offers an unparalleled learning experience, specifically designed for the MCO legal community. Attend and develop winning legal strategies and business best...more

Paul Hastings LLP

Data Breaches Exposing Protected Health Information Are Surging

Paul Hastings LLP on

The number of large data breaches, those involving 500 or more people, exposing protected health information has increased exponentially in the last few years, and ransomware and hacking are the primary cyber threats in...more

Rivkin Radler LLP

Montefiore Medical Center Settles HIPAA Breach for $4.75 Million

Rivkin Radler LLP on

On February 6, the U.S. Department of Health and Human Services (HHS) announced a $4.75 million settlement with Montefiore Medical Center (MMC) for a breach of unsecured electronic protected health information (ePHI). The...more

Health Care Compliance Association (HCCA)

‘An Unknown Individual Walked In’: Protecting Against Telehealth Risks Includes Non-IT Threats

The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more

Hall Benefits Law

HHS Issues First Settlement for HIPAA Violations Related to a Ransomware Attack

Hall Benefits Law on

In late October, the U.S. Department of Health and Human Services (HHS) reached a settlement agreement with a medical management company based in Massachusetts over alleged HIPAA violations. Under the settlement terms, the...more

Butler Snow LLP

Health Care Due Diligence: An Ounce of Prevention is Worth a Pound of Cure

Butler Snow LLP on

Due diligence properly performed in connection with the purchase and sale of a health care entity is simply different—vastly so—than due diligence performed in other contexts. Failure to recognize this reality can lead to...more

Fox Rothschild LLP

L.A. Care to Pay $1.3 Million Settlement Over HIPAA Violations: What You Need to Know

Fox Rothschild LLP on

A recent settlement entered into by the nation’s largest publicly operated health plan serves as a stark warning to all entities and business associates subject to the Health Insurance Portability and Accountability Act:...more

Ankura

OCR Settlement of HIPAA Violation of Business Associate

Ankura on

On May 16, 2023, the U.S. Department of Health and Human Services (DHHS) through the Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act...more

WilmerHale

HHS OCR Settles with iHealth Solutions Over Alleged HIPAA Violations

WilmerHale on

On June 28, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement (resolution agreement and corrective action plan) with iHealth Solutions (also known as Advantum Health)...more

Tarter Krinsky & Drogin LLP

HIPAA Compliance Lessons for Covered Entities

The recent settlement between the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and a community hospital is a reminder of the importance of HIPAA compliance for all healthcare organizations. The...more

King & Spalding

Hospital Settles HIPAA Investigation Over Allegations of Medical Record Access by Security Guards

King & Spalding on

On June 15, 2023, OCR announced a settlement with Yakima Valley Memorial Hospital (Yakima) after completing a HIPAA investigation regarding allegations that hospital security guards accessed medical records of 419 patients....more

Foley & Lardner LLP

HIPAA Breaches and Compliance: Key Findings & Lessons Learned from OCR’s Reports to Congress

Foley & Lardner LLP on

The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently submitted two annual reports to Congress setting forth a summary of complaints and breaches reported to the OCR during...more

Faegre Drinker Biddle & Reath LLP

HIPAA Regulation of Online Tracking Technologies

In a December 2022 bulletin published by the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS), HHS made clear that the use of third-party tracking technologies by covered entities and business...more

Foley Hoag LLP - Security, Privacy and the...

HHS Office for Civil Rights Issues Bulletin on Requirements under HIPAA for Online Tracking Technologies to Protect the Privacy...

On December 1, 2022, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services issued a bulletin to highlight the obligations of Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

Health Care Compliance Association (HCCA)

[Virtual Event] Richmond Regional Healthcare Compliance Conference - December 9th, 8:25 am - 4:30 pm EST

General and specialty compliance training from the comfort of your home or office! HCCA’s Regional Healthcare Compliance Conferences provide practitioners with virtual compliance training that includes updates on the...more

ArentFox Schiff

Disclosing Patient Information in Responses to Online Reviews: Recent OCR Enforcement Action Is a Cautionary Tale

ArentFox Schiff on

The HHS Office for Civil Rights (OCR) recently imposed a $50,000 civil monetary penalty on a dental practice that disclosed patient-identifying information in response to a negative online review. The case is a reminder that...more

52 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide