Cybersecurity


CARES Act Changes Privacy Rules for Substance Use Disorder Records
March 30, 2020 | Ashley (Osadon) Algazi | Behavioral Health | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation | Telehealth
The Coronavirus Aid, Relief, and Economic Security Act (CARES Act), signed into law on March 27, made some substantial changes to the confidentiality rules for substance abuse and mental health records to bring them in line with HIPAA confidentiality rules. Among the changes, a covered entity or business associate may now use or disclose substance …
Read More
Ransomware Attacks on Healthcare Industry Ramp Up
February 26, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Private Insurers
A recent article in HIPAA Journal, “Ransomware Attacks Have Cost the Healthcare Industry at Least $157 Million Since 2016,” discussed a new study by Comparitech that examined ransomware attacks on the healthcare industry. In the past three years, at least 172 ransomware attacks on healthcare entities in the U.S. have affected 1,446 facilities, providers and …
Read More
Feb. 29 is Data Breach Reporting Deadline
February 20, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy
The HIPAA Breach Notification Rule requires that smaller data breaches – those involving fewer than 500 patient records – must be reported to the U.S. Department of Health and Human Services (HHS) no later than 60 days after the end of the calendar year in which the breach occurred. This year, the reporting deadline is …
Read More
Alabama Health System Reeling After Ransomware Attack
January 6, 2020 | Margarita Christoforou | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Litigation
Alabama’s DCH Health System is facing a federal lawsuit filed by some former patients who allege it was negligent in discovering and responding to a ransomware attack on its computer system. In addition to negligence, the complaint accuses DCH of invasion of privacy, breach of contract and breach of fiduciary duty, among other things. The …
Read More
Fader Gives Perspective on HIPAA Enforcement for Healthcare Risk Management
December 4, 2019 | Rivkin Rounds Staff | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Legislation and Public Policy | Litigation
Eric Fader contributed to Healthcare Risk Management’s HIPAA Regulatory Alert, which appeared in the publication’s December 2019 issue. The Alert outlines the best practices that will help avoid common HIPAA violations. Eric discusses the events that might trigger a regulatory action and the kinds of violations that may affect the severity of the penalties and fines. …
Read More
Another HIPAA Penalty: $1.6 Million for Breach of ePHI
November 12, 2019 | Ada Kozicz | Cybersecurity | Electronic Health Records | HIPAA | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on November 7 that it imposed a $1.6 million monetary penalty against the Texas Health and Human Services Commission for violations of the HIPAA Privacy and Security Rules. The Commission operates several health and public need facilities and also administers many …
Read More
HHS Releases Updated HIPAA Risk Assessment Tool
November 8, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA
The U.S. Department of Health and Human Services (HHS) recently released a new version of its security risk assessment (SRA) tool that helps smaller healthcare providers conduct and document risk assessments, as required by the HIPAA Security Rule. The update incorporates new features to make the tool more user-friendly. The SRA tool, available on HHS’s …
Read More
Kaiser to Present at PLI Life Sciences Program
September 17, 2019 | Rivkin Rounds Staff | Cybersecurity | Electronic Health Records | FDA | False Claims Act | Fraud and Abuse | Legislation and Public Policy | Litigation | Medical Devices and Wearables | Medicare and Medicaid | Pharmaceuticals | Private Insurers
On October 10, Rivkin Radler’s Jeff Kaiser will be a panelist at the Practising Law Institute (PLI) program, “Life Sciences 2019: Navigating Legal Challenges in the Drug and Device Industries.” Jeff will speak on “Enforcement Trends Impacting the Drug and Device Industries,” including developments under the False Claims Act, federal Anti-Kickback Statute, off-label promotion, and …
Read More
Rivkin Radler Lawyers Edit HIPAA Chapter of Treatise
May 30, 2019 | Rivkin Rounds Staff | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy
Rivkin Radler’s Eric Fader and Margarita Christoforou edited the “Health Care Privacy and the Health Insurance Portability and Accountability Act of 1996” chapter in the June 2019 edition of the Thomson Reuters Data Security and Privacy Law treatise. Eric has edited this chapter of the treatise since its 2014 edition. New material in this year’s …
Read More
Data Breach Leads to $1 Million in Settlements for IN Company
May 28, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Litigation
The U.S. Department of Health and Human Services (HHS) announced on May 23 that Medical Informatics Engineering, Incorporated (MIE), an Indiana-based online electronic health records company, had agreed to pay HHS’s Office for Civil Rights (OCR) $100,000 to settle HIPAA violations. MIE’s April 23 Resolution Agreement with HHS also provided for the company to enter …
Read More

Authors
show more

Get legal updates and news delivered to your inbox