Today, the US Department of Health & Human Services’ Office for Civil Rights (OCR) announced that Advocate Health Care Network (Illinois’ largest healthcare system) will pay a record $5.5 million settlement for violating HIPAA.
On June 24, 2016, the non-profit Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule with the U.S. Department of Health and Human Services (HHS).
On Monday, July 11, 2016, the Office for Civil Rights (OCR) released a fact sheet with guidance for covered entities and business associates on HIPAA and ransomware.
The Office for Civil Rights (OCR) recently began its second round of audits of covered entities and business associates for compliance with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule (the “Phase 2” audits).
Covered entities and business associates subject to HIPAA Security Rule are closer to getting a benchmark for encryption standards with the release of the Standards and Guidelines Development Process in late March by the National Institute of Standards and Technology (NIST).
On March 21, 2016, the US Department of Health and Human Services Office for Civil Rights (OCR) announced it was beginning its next round of audits of covered entities and business associates for compliance with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.
These proposed changes to the rules governing the confidentiality of substance abuse treatment records mark the first time the regulations have been subject to revision since 1987.
In a recent decision, a US Department of Health and Human Services (HHS) Administrative Law Judge (ALJ) agreed with the HHS Office of Civil Rights (OCR) that Lincare, Inc. d/b/a United Medical had violated HIPAA.
Cybersecurity may have rocketed to the top of management’s priority list in the wake of the recent cyberattack on Hollywood Presbyterian Medical Center (HPMC) that left the hospital unable to access some of its computer systems for ten days.
Potentially missed among end-of-year and holiday activities, the Office for Civil Rights (OCR) has announced three resolution agreements for violations of the HIPAA Privacy and Security Rules within the past month.
Health care providers and their contractors have been put on notice by the Office for Civil Rights (OCR) that the next round of HIPAA compliance audits will begin in early 2016. The previous round of HIPAA audits was completed in 2014.
The US Department of Health and Human Services, Office for Civil Rights announced a new settlement for $750,000 with Cancer Care Group, P.C. to resolve potential violations of the HIPAA Privacy and Security Rules identified as the result of the theft of a laptop and backup media.
On September 2-3, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) hosted the 8th Annual Safeguarding Health Information: Building Assurance through HIPAA Security conference.
On June 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights, announced that it had entered into a resolution agreement with St. Elizabeth’s Medical Center, a Massachusetts hospital, to resolve potential HIPAA violations.
King v. Burwell understandably took the attention of the health care industry a couple of weeks ago when it upheld a key component of the ACA. A day later, the Supreme Court released another decision that may have a more significant going-forward impact on the health care industry: Obergefell.