The growing use of healthcare mobile applications and websites—and the associated use of online tracking technologies—raises privacy concerns under the Health Insurance Portability and Accountability Act (HIPAA) that developers of such applications and healthcare organizations should keep in mind. Indeed, there has been an uptick in litigations filed across
Articles Discussing HIPAA.
Last month, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates under the Health Insurance Portability and Accountability Act (HIPAA). The OCR Bulletin follows a significant uptick
We have been quite busy this October, which happens to be National Cybersecurity Awareness Month. But, we did not want to let the month go by without some recognition; and we are grateful to the HHS Office for Civil Rights (OCR) for this always timely reminder for HIPAA covered entities
A $300,640 settlement announced yesterday by the Office for Civil Rights (OCR) provides important reminders about HIPAA Privacy Rule and data privacy practices generally: robust data disposal practices are critical and “protected health information” (PHI) is not limited to diagnosis or particularly sensitive information.
The OCR’s settlement involved a New
In response to the United States Supreme Court decision in Dobbs vs. Jackson Women’s Health Organization, President Joe Biden signed an Executive Order on Friday, July 8, 2022, designed to protect access to reproductive health care services. In addition to measures seeking to safeguard access to abortion and contraception, the
It can be cathartic responding to a negative online review. It can also backfire, as can failing to cooperate with an OCR investigation as required under HIPAA.
The Office for Civil Rights (OCR) recently announced four enforcement actions, one against a small dental practice that imposed a $50,000 civil monetary
At Nexsen Pruet, we work with clients across the full spectrum of healthcare to manage compliance with HIPAA, and often we receive questions about associates and business associate contracts.
Health Care attorney Shannon Lipham breaks down HIPAA privacy rule as she discusses managing business associates and business associate agreements while staying HIPAA compliant.
The Office for Civil Rights (“OCR”)—the agency within the U.S. Department of Health and Human Services responsible for, among other things, enforcing compliance with HIPAA— recently released guidance on HIPAA’s application to an individual’s COVID-19 vaccination status to combat the misinformation circulating that HIPAA applies to a broader array of
Since the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule became effective in 2003, it generally required covered entities to provide patients timely access to their medical records. Of course, state health laws also have provided similar rights to patients regarding their records, some more and some less stringent than HIPAA.
Patient record requests can be a significant administrative burden for health care providers. An OCR enforcement initiative and a new federal law give providers more reason to get this process right. We summarize these rules here.
Since the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule became
There is no private cause of action to address an improper disclosure of medical information under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the U.S. Court of Appeals for the Fourth Circuit has held for the first time. Payne v. Taslimi, No. 18-7030, 2021 U.S. App. LEXIS 15972 (4th Cir. May 27, 2021).
A small New Jersey plastic surgery practice, Village Plastic Surgery (“VPS”), has become the eighteenth HIPAA covered entity to face an enforcement action under the Office for Civil Right’s HIPAA Right of Access Initiative. According to the OCR’s announcement, VPS agreed to a two-year corrective action plan and pay $30,000
In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year. The
It seems like every aspect of healthcare is changing during these uncertain times, but one thing remains the same – HIPAA enforcement is going strong. The Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS), responsible for enforcing HIPAA regulations, has been active this year in terms of settlements of potential HIPAA privacy and security violations. More than $12.2 million has been recorded this year in resolution agreements, despite the Notification of Enforcement Discretion related to COVID-19 issued by HHS.