Month: February 2020
February 27, 2020 | Eric D. Fader | Electronic Health Records | HIPAA | Legislation and Public Policy
On February 25, the American Medical Association (AMA) announced the release of its new Patient Records Electronic Access Playbook. The 100-page guide is intended to help physician practices navigate the legal and practical requirements of providing patients with access to their electronic health information.
The Playbook discusses relevant provisions of HIPAA and points out many
Read MoreFebruary 26, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Private Insurers
A recent article in HIPAA Journal, “Ransomware Attacks Have Cost the Healthcare Industry at Least $157 Million Since 2016,” discussed a new study by Comparitech that examined ransomware attacks on the healthcare industry. In the past three years, at least 172 ransomware attacks on healthcare entities in the U.S. have affected 1,446 facilities, providers and
Read MoreFebruary 24, 2020 | Rivkin Rounds Staff | HIPAA | Legislation and Public Policy | Litigation
A recent article in Part B News, “Court throws out fee policies for medical record sharing; watch for new rules,” discussed the recent court decision in Ciox Health, LLC v. Alez Azar, et al., which led to the U.S. Department of Health and Human Services modifying its guidance regarding charging fees for access to patient
Read MoreFebruary 20, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy
The HIPAA Breach Notification Rule requires that smaller data breaches – those involving fewer than 500 patient records – must be reported to the U.S. Department of Health and Human Services (HHS) no later than 60 days after the end of the calendar year in which the breach occurred. This year, the reporting deadline is
Read MoreFebruary 14, 2020 | Eric D. Fader | COVID-19 | Electronic Health Records | HIPAA | Hospitals | Legislation and Public Policy
The U.S. Department of Health and Human Services (HHS) recently issued a Bulletin confirming that healthcare entities’ HIPAA obligations continue to apply even in public health emergencies. The February 2020 “HIPAA Privacy and Novel Coronavirus” Bulletin reminds HIPAA covered entities and their business associates that HIPAA Privacy Rule and Security Rule requirements remain in place
Read MoreFebruary 12, 2020 | Ada Janocinska | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation
In response to a recent federal court decision, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has modified its guidance regarding certain obligations imposed on covered entities when responding to individuals’ requests to send their protected health information (PHI) to third parties. In short, covered entities are no longer required
Read MoreFebruary 6, 2020 | Eric D. Fader | Electronic Health Records | Employer/Employee | Hospitals | Litigation
On January 31, a federal court in Massachusetts dismissed a lawsuit brought by the National Federation of the Blind (NFB) against Epic Systems Inc., that claimed that Epic’s electronic health records (EHR) software discriminates against blind hospital employees. The NFB had sued Epic on behalf of NFB members who allegedly suffered adverse employment actions because
Read More