Total Articles: 4
XpertHR • January 19, 2017
An Illinois-based health care employer has agreed to pay the federal government $475,000 to settle claims that it failed to provide notification about a breach of protected health information (PHI) within 60 days of discovering the breach, as the Health Insurance Portability and Accountability Act (HIPAA) requires.
Phelps Dunbar LLP • February 17, 2014
On February 6, 2014, the Centers for Medicare and Medicaid Services (CMS) published a final rule entitled, “CLIA Program and HIPAA Privacy Rule; Patients’ Access to Test Reports.” The February 6 final rule modifies the implementing regulations to the Clinical Laboratory Improvement Amendments of 1988 (CLIA) as well as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to impose significant new patient access obligations on CLIA and CLIA-exempt laboratories.
Fisher Phillips • May 03, 2012
s you may recall, the HITECH Act required Health and Human Services (HHS), the federal agency in charge of administering HIPAA, to affirmatively conduct periodic audits to ensure that covered entities and business associates are complying with HIPAA's privacy and security rules. Before HITECH, HHS was mostly responding to complaints and not conducting random audits of HIPAA compliance.
Fisher Phillips • May 06, 2009
Group health plans that were required to comply with privacy requirements of the Health Insurance Portability and Accountability Act (HIPAA) by April 14, 2003 (i.e., large health plans) now have an obligation to notify individuals who are covered by the plan that the privacy notice is available, and to tell them how to obtain the notice. This reminder notice must be sent at least once every three years.