HIPAA
December 23, 2020 | Eric D. Fader | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation | Private Insurers
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently released an audit report on HIPAA compliance by 166 covered entities and 41 business associates during 2016-2017. The audits included detailed on-site reviews of entities’ documentation and implementation of HIPAA rules. The release of the report may foreshadow increased enforcement activities
Read MoreDecember 17, 2020 | Eric D. Fader | Behavioral Health | COVID-19 | Electronic Health Records | HIPAA | Hospitals | Legislation and Public Policy | Private Insurers
A proposed rule released by the U.S. Department of Health and Human Services on December 10 would give healthcare providers more flexibility to share patients’ health information for certain purposes. The rule, titled “Proposed Modifications to the HIPAA Privacy Rule to Support, and Remove Barriers to, Coordinated Care and Individual Engagement,” would loosen HIPAA restrictions
Read MoreDecember 4, 2020 | Rivkin Rounds Staff | COVID-19 | HIPAA
A recent article in Law360, “Bogus HIPAA Claims Are Flourishing As Pandemic Worsens,” discussed how the Covid-19 pandemic is fueling false assertions about the scope of privacy protections under HIPAA. Rivkin Radler’s Eric Fader was quoted in the article.
There are many
Read MoreNovember 11, 2020 | Eric D. Fader | Electronic Health Records | HIPAA | Litigation
The city of New Haven, Connecticut recently agreed to pay $202,400 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) to settle multiple HIPAA violations in connection with a 2016 incident at the city’s public health clinic. OCR announced the settlement on October 30.
In January 2017, the New Haven
Read MoreOctober 27, 2020 | Eric D. Fader | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights’ HIPAA Right of Access Initiative has claimed another victim. HHS announced on October 9 that NY Spine Medicine, a private neurology and pain management practice with offices in Manhattan and Miami Beach, agreed to pay a $100,000 penalty for failing to provide patients
Read MoreOctober 9, 2020 | Ada Janocinska | Cybersecurity | Electronic Health Records | HIPAA | Litigation | Private Insurers
Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data breach that occurred in 2014. Anthem has agreed to pay the states a total monetary penalty of $48.2 million.
The
Read MoreSeptember 29, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Litigation | Private Insurers
The third HIPAA settlement to be announced by the U.S. Department of Health and Human Services within one week was a big one. On September 25, HHS announced that Premera Blue Cross agreed to pay $6.85 million to HHS’s Office for Civil Rights (OCR) to settle HIPAA violations arising out of a data breach that
Read MoreSeptember 25, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Legislation and Public Policy | Medical Devices and Wearables | Telehealth
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently unveiled a new website with updated guidance and resources for mobile health app developers regarding the HIPAA Privacy, Security, and Breach Notification Rules. The new Resources for Mobile Health Apps Developers site replaces OCR’s prior Health App Developer Portal.
The new site’s Health
Read MoreSeptember 23, 2020 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA | Litigation
On September 21, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a $1.5 million agreement with Athens Orthopedic Clinic PA to settle “longstanding, systemic noncompliance” with the HIPAA Privacy and Security Rules. OCR’s investigation was triggered by a 2016 data breach that affected more than 200,000 of Athens Orthopedic’s patients.
Read MoreSeptember 17, 2020 | Ada Janocinska | Behavioral Health | Electronic Health Records | HIPAA | Legislation and Public Policy | Litigation
On September 15, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced five new settlements relating to enforcement of HIPAA’s right of access rule. Under HIPAA, patients have the right to timely access to their medical records, as recently discussed here.
A HIPAA covered entity must respond to a patient’s
Read More