Electronic Health Records


Ransomware Attacks on Healthcare Industry Ramp Up
February 26, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Private Insurers
A recent article in HIPAA Journal, “Ransomware Attacks Have Cost the Healthcare Industry at Least $157 Million Since 2016,” discussed a new study by Comparitech that examined ransomware attacks on the healthcare industry. In the past three years, at least 172 ransomware attacks on healthcare entities in the U.S. have affected 1,446 facilities, providers and …
Read More
Feb. 29 is Data Breach Reporting Deadline
February 20, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy
The HIPAA Breach Notification Rule requires that smaller data breaches – those involving fewer than 500 patient records – must be reported to the U.S. Department of Health and Human Services (HHS) no later than 60 days after the end of the calendar year in which the breach occurred. This year, the reporting deadline is …
Read More
HHS: No Exceptions to HIPAA Obligations for Coronavirus Info
February 14, 2020 | Eric D. Fader | Electronic Health Records | HIPAA | Hospitals | Legislation and Public Policy
The U.S. Department of Health and Human Services (HHS) recently issued a Bulletin confirming that healthcare entities’ HIPAA obligations continue to apply even in public health emergencies. The February 2020 “HIPAA Privacy and Novel Coronavirus” Bulletin reminds HIPAA covered entities and their business associates that HIPAA Privacy Rule and Security Rule requirements remain in place …
Read More
OCR Modifies HIPAA Guidance for Sending PHI to Third Parties
February 12, 2020 | Ada Kozicz | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation
In response to a recent federal court decision, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has modified its guidance regarding certain obligations imposed on covered entities when responding to individuals’ requests to send their protected health information (PHI) to third parties. In short, covered entities are no longer required …
Read More
Mass. Court: EHR Software Not Discriminatory
February 6, 2020 | Eric D. Fader | Electronic Health Records | Employer/Employee | Hospitals | Litigation
On January 31, a federal court in Massachusetts dismissed a lawsuit brought by the National Federation of the Blind (NFB) against Epic Systems Inc., that claimed that Epic’s electronic health records (EHR) software discriminates against blind hospital employees. The NFB had sued Epic on behalf of NFB members who allegedly suffered adverse employment actions because …
Read More
Updated Guidance Addresses the Privacy of Student Records
January 13, 2020 | Margarita Christoforou | Behavioral Health | Electronic Health Records | HIPAA | Legislation and Public Policy
In an effort to provide further clarity to school administrators, healthcare professionals and families, the U.S. Department of Education and the Office for Civil Rights at the U.S. Department of Health and Human Services recently released updated joint guidance addressing the application of the Family Educational Rights and Privacy Act (FERPA) and the HIPAA Privacy …
Read More
Alabama Health System Reeling After Ransomware Attack
January 6, 2020 | Margarita Christoforou | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Litigation
Alabama’s DCH Health System is facing a federal lawsuit filed by some former patients who allege it was negligent in discovering and responding to a ransomware attack on its computer system. In addition to negligence, the complaint accuses DCH of invasion of privacy, breach of contract and breach of fiduciary duty, among other things. The …
Read More
HIPAA Access Violation Costs Provider $85,000
December 19, 2019 | Eric D. Fader | Electronic Health Records | HIPAA | Hospitals | Litigation
A Florida primary care and pain management practice that calls itself Korunda Medical Institute has paid the federal government $85,000 to settle a violation of HIPAA’s right of access provisions. The U.S. Department of Health and Human Services (HHS) announced the settlement on December 12. A Korunda patient filed a complaint with HHS’s Office for …
Read More
Fader Gives Perspective on HIPAA Enforcement for Healthcare Risk Management
December 4, 2019 | Rivkin Rounds Staff | Cybersecurity | Electronic Health Records | HIPAA | Hospitals | Legislation and Public Policy | Litigation
Eric Fader contributed to Healthcare Risk Management’s HIPAA Regulatory Alert, which appeared in the publication’s December 2019 issue. The Alert outlines the best practices that will help avoid common HIPAA violations. Eric discusses the events that might trigger a regulatory action and the kinds of violations that may affect the severity of the penalties and fines. …
Read More
Another HIPAA Penalty: $1.6 Million for Breach of ePHI
November 12, 2019 | Ada Kozicz | Cybersecurity | Electronic Health Records | HIPAA | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on November 7 that it imposed a $1.6 million monetary penalty against the Texas Health and Human Services Commission for violations of the HIPAA Privacy and Security Rules. The Commission operates several health and public need facilities and also administers many …
Read More

Authors
show more

Get legal updates and news delivered to your inbox