HIPAA


Another HIPAA Penalty: $1.6 Million for Breach of ePHI
November 12, 2019 | Ada Kozicz | Cybersecurity | Electronic Health Records | HIPAA | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on November 7 that it imposed a $1.6 million monetary penalty against the Texas Health and Human Services Commission for violations of the HIPAA Privacy and Security Rules. The Commission operates several health and public need facilities and also administers many …
Read More
HHS Releases Updated HIPAA Risk Assessment Tool
November 8, 2019 | Eric D. Fader | Cybersecurity | Electronic Health Records | HIPAA
The U.S. Department of Health and Human Services (HHS) recently released a new version of its security risk assessment (SRA) tool that helps smaller healthcare providers conduct and document risk assessments, as required by the HIPAA Security Rule. The update incorporates new features to make the tool more user-friendly. The SRA tool, available on HHS’s …
Read More
NY Hospital Pays $3 Million HIPAA Settlement
November 6, 2019 | Eric D. Fader | Electronic Health Records | HIPAA | Hospitals | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on November 5 that the University of Rochester Medical Center (URMC) agreed to pay $3 million to settle violations of the HIPAA Privacy and Security Rules. URMC is one of the largest health systems in New York State, with more than …
Read More
Florida Hospital Fined $2.15 Million for Theft and Sale of Records
October 24, 2019 | Ada Kozicz | Electronic Health Records | HIPAA | Hospitals | Litigation
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced on October 23 that Jackson Health System (JHS) in Miami has received a civil money penalty of $2,154,000 for violations of HIPAA’s Security and Breach Notification Rules. OCR Director Roger Severino said, “OCR’s investigation revealed a HIPAA compliance program that had …
Read More
Yelp Responses Lead to HIPAA Settlement
October 4, 2019 | Ada Kozicz | HIPAA | Litigation
A recent settlement between a Texas dental practice and the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) demonstrates that healthcare providers must think twice before sharing any information on social media that can be linked to a patient. OCR investigated Elite Dental Associates of Dallas after receiving a patient complaint …
Read More
HHS Issues Limited HIPAA Waivers in Hurricane Areas
September 12, 2019 | Eric D. Fader | Electronic Health Records | HIPAA | Legislation and Public Policy
As it had done for previous hurricanes, the U.S. Department of Health and Human Services (HHS) recently issued a HIPAA Bulletin providing for a limited waiver of HIPAA sanctions and penalties for covered entities in Puerto Rico, Florida, Georgia, South Carolina and North Carolina in the aftermath of Hurricane Dorian. Such waivers are primarily intended …
Read More
HIPAA Access Violation Results in Settlement
September 10, 2019 | Eric D. Fader | Electronic Health Records | HIPAA | Hospitals | Litigation
The U.S. Department of Health and Human Services (HHS) announced on September 9 that Bayfront Health St. Petersburg (Bayfront), a 480-bed Florida hospital, has paid HHS’s Office for Civil Rights (OCR) $85,000 to settle a potential violation of HIPAA’s right of access provisions. Bayfront’s Resolution Agreement with HHS also provided for the company to enter into a one-year …
Read More
Study Reveals Widespread HIPAA Access Violations
August 22, 2019 | Eric D. Fader | Electronic Health Records | HIPAA | Hospitals
A recent study of 51 healthcare providers and 3,003 institutions, published last week on the medRXiv website, revealed widespread noncompliance with HIPAA requirements regarding patients’ right of access to their own medical records. The study was conducted on behalf of Ciitizen Corporation, a medical records storage platform for patients. The researchers sent record requests to …
Read More
OCR Releases New HIPAA FAQs on Care Coordination
July 16, 2019 | Ada Kozicz | HIPAA | Legislation and Public Policy | Private Insurers
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently issued new guidance on its HIPAA FAQs webpage regarding permissible use and disclosures of protected health information (PHI) by health plans for purposes of care coordination and continuity of care. Health plans are covered entities under HIPAA. The guidance explains that, …
Read More
Pharma Ads Target Smartphone Users in Waiting Rooms
July 9, 2019 | Eric D. Fader | HIPAA | Hospitals | Pharmaceuticals
FiercePharma reports that patients in doctor’s office waiting rooms who use the office Wi-Fi network may now receive targeted pharmaceutical ads on their smartphones. Semcasting, Inc., a Massachusetts-based data provider, uses a technology called Smart Zones that can deliver messages to the entire audience at a business’s IP address. The digital ad delivery is far …
Read More

Authors
show more

Get legal updates and news delivered to your inbox