Cybersecurity
November 12, 2019 | Ada Janocinska | Cybersecurity | Electronic Health Records | HIPAA | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on November 7 that it imposed a $1.6 million monetary penalty against the Texas Health and Human Services Commission for violations of the HIPAA Privacy and Security Rules. The Commission operates several health and public need facilities and also administers many
Read MoreNovember 8, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA
The U.S. Department of Health and Human Services (HHS) recently released a new version of its security risk assessment (SRA) tool that helps smaller healthcare providers conduct and document risk assessments, as required by the HIPAA Security Rule. The update incorporates new features to make the tool more user-friendly.
The SRA tool, available on HHS’s
Read MoreSeptember 17, 2019 | Rivkin Rounds Staff | Cybersecurity | Electronic Health Records | FDA | False Claims Act | Fraud and Abuse | Legislation and Public Policy | Litigation | Medical Devices and Wearables | Medicare and Medicaid | Pharmaceuticals | Private Insurers
On October 10, Rivkin Radler’s Jeff Kaiser will be a panelist at the Practising Law Institute (PLI) program, “Life Sciences 2019: Navigating Legal Challenges in the Drug and Device Industries.” Jeff will speak on “Enforcement Trends Impacting the Drug and Device Industries,” including developments under the False Claims Act, federal Anti-Kickback Statute, off-label promotion, and
Read MoreMay 30, 2019 | Rivkin Rounds Staff | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy
Rivkin Radler’s Eric Fader and Margarita Christoforou edited the “Health Care Privacy and the Health Insurance Portability and Accountability Act of 1996” chapter in the June 2019 edition of the Thomson Reuters Data Security and Privacy Law treatise. Eric has edited this chapter of the treatise since its 2014 edition.
New material in this year’s
Read MoreMay 28, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Litigation
The U.S. Department of Health and Human Services (HHS) announced on May 23 that Medical Informatics Engineering, Incorporated (MIE), an Indiana-based online electronic health records company, had agreed to pay HHS’s Office for Civil Rights (OCR) $100,000 to settle HIPAA violations. MIE’s April 23 Resolution Agreement with HHS also provided for the company to enter
Read MoreMay 7, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Litigation
Touchstone Medical Imaging has agreed to pay $3 million to settle HIPAA violations after an unsecured computer server exposed the medical records of 300,000 patients on Google in 2014. The U.S. Department of Health and Human Services (HHS) announced the settlement on May 6. Touchstone, based in Franklin, Tennessee, provides diagnostic imaging services in Nebraska,
Read MoreMay 6, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Medical Devices and Wearables
The U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) recently issued five new FAQs pertaining to software applications that obtain individuals’ electronic protected health information (ePHI). The FAQs describe various scenarios in which HIPAA covered entities may transmit ePHI to apps, including fitness trackers and other wearables.
In short, a covered entity
Read MoreApril 30, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA
The U.S. Department of Health and Human Services (HHS) has revised the potential monetary penalties that may be imposed on healthcare providers, health plans and business associates for HIPAA violations. HHS’s notice of enforcement discretion, issued on April 26, reduces the maximum annual penalty for less-severe violations from $1.5 million to as low as $25,000.
The
Read MoreApril 18, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Home Health | Hospitals | Medical Devices and Wearables | Private Insurers | Telehealth
Amazon announced in a blog post on April 4 that its Alexa voice assistant’s operating environment now complies with HIPAA. Companies that build functions, or skills, for Alexa will now be able to create skills that involve the transmission of users’ protected health information.
The initial group of six participants in an invitation-only program includes
Read MoreApril 4, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | Hospitals | Telehealth
Researchers at the Ben-Gurion University Cyber Security Research Center in Israel have created malware that could exploit vulnerabilities in MRI and CT scanning equipment to alter patients’ images. The Washington Post discussed the research project in an April 3 article.
In theory, by adding fabricated cancerous nodules to a MRI or CT scan, an attacker
Read More