Main Menu Back to Page
{ Banner Image }

Showing 27 posts in HIPAA.

HHS Office for Civil Rights Publishes Checklist for HIPAA Covered Entities Responding to Cybersecurity Incidents

The U.S. Department of Health and Human Service's Office for Civil Rights ("OCR") recently published guidance for entities covered by HIPAA, entitled "My entity just experienced a cyber-attack! What do we do now?" Read More ›

Categories: Cybersecurity, Digital Assets, Electronic Health Records, Fraud & Abuse, HIPAA

Nursing Homes Should Review Privacy Policies in Light of Recent CMS Guidance

A recent Memorandum issued by the Centers for Medicare & Medicaid Services ("CMS") to state survey agency directors (the "Memorandum") discusses a nursing home's responsibility to protect residents' privacy, particularly with regard to social media. The Memorandum was issued following a series of media reports documenting the inappropriate posting of residents' photographs on social media by nursing home staff.  Read More ›

Categories: HIPAA, Medicare/Medicaid, Privacy

Data Breaches Lead to Record-Breaking HIPAA Settlement

HIPAAAdvocate Health Care Network (Advocate), one of the nation’s largest health care systems, recently reached a $5.55 million settlement with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) for potential violations of the Health Insurance Portability and Accountability Act (HIPAA). The $5.55 million settlement is the largest HIPAA settlement in history against a single entity.

OCR's investigation arose after Advocate reported three separate data breaches to OCR that occurred between July and November of 2013. The first breach occurred when four desktop computers were stolen from an Advocate administrative building. Another breach occurred when an unencrypted laptop was stolen from an Advocate employee's unlocked vehicle. A third breach occurred when an unauthorized third party accessed the network of a company that provides billing services to Advocate. A total of more than 4 million patient records were affected by the breaches.  Read More ›

Categories: Audits, Compliance, HIPAA, News & Events

OCR Begins Phase 2 Audit Program of Covered Entities and Business Associates

AuditThe U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced that it has begun Phase 2 of its HIPAA audit program. This audit phase will impact covered entities and their business associates. Read More ›

Categories: Compliance, HIPAA, Hospitals, Providers

Recent Seven Figure Settlements Underscore the Importance of HIPAA Compliance, Particularly in Light of OCR’s Announced Increase in Audit Activity

Recent Seven Figure Settlements Underscore the Importance of HIPAA Compliance, Particularly in Light of OCR’s Announced Increase in Audit ActivityThe Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced that it reached resolution agreements and corrective action plans with two health care entities - a health system and a research institution - in connection with alleged violations of the Health Insurance Portability and Protection Act of 1996 (HIPAA). These cases underscore the importance of ongoing HIPAA compliance vigilance by covered entities and business associates, particularly in light of OCR’s recent announcement that it has commenced Phase 2 of its audit program. Read More ›

Categories: Audits, Compliance, HIPAA, Providers

OCR Issues Clarifying Guidance on HIPAA Privacy Rule Regarding Access to Protected Health Information

The Office of Civil Rights (“OCR”) recently issued new guidance (“Guidance”) concerning the right of individuals to access their protected health information (“PHI”) under the HIPAA Privacy Rule. The OCR explained in the Guidance that based on its enforcement experience and recent studies, individuals continue to have difficulty accessing information - even from entities required to comply with the HIPAA Privacy Rule. This is also despite improvements in technology that make access more readily available. Bottom line is that individuals must have access to their PHI and health providers need to be providing such access.

However, the Guidance further clarifies a number of issues, including permissible charges for providing information to patients, security issues, submission of requests for information, and the manner for providing access to information. Read More ›

Categories: HIPAA, News & Events, Privacy

HHS Issues HIPAA “Basics” Fact Sheet

hipaa basics fact sheetThe Department of Health and Human Services (“HHS”) recently released a HIPAA overview called “HIPAA Basics for Providers: Privacy, Security, and Breach Notification Rules” (the “Overview”). The Overview is intended to provide HIPAA Covered Entities such as physicians, hospitals, and other health care providers with a basic overview of HIPAA’s rules and responsibilities. The fact sheet also provides an overview to Business Associates (such as law firms and accounting firms who receive protected health information ("PHI") from Covered Entities). The Overview can be found here.

The Overview explains that the HIPAA Privacy Rule protects individually identifiable PHI, which includes information such as an individual’s past, present, or future physical or mental health condition. Read More ›

Categories: HIPAA, News & Events, Privacy, Providers

Recap from the 2015 Health Law Institute

Recap from the 2015 Health Law InstituteFoster Swift health care attorneys recently attended and presented at the 21st Annual Health Law Institute on March 12 and 13, 2015. The two-day institute, which was co-sponsored by the Institute for Continuing Legal Education and the Health Care Law Section of the State Bar of Michigan, included presentations on recent statutory, regulatory, and case law developments in the health care industry.

Foster Swift Attorney Jennifer Van Regenmorter co-presented the “Michigan Health Law Update,” which provided an overview of Michigan’s most significant health law developments from the past year. This was Van Regenmorter’s third time presenting this yearly update at the Institute. Read More ›

Categories: Fraud & Abuse, HIPAA, News & Events, Physicians

“Top 10 Healthcare Law Trends in 2015” – Part 2

healthcare law trends in 2015The February issue of the American Health Lawyers Association’s AHLA Connections features a list of the top ten issues that will impact healthcare law in 2015. We summarized the first five topics in a previous blog. (Miss our summary of the first five? Please click here.)

Here are the remaining trends to think about:  Read More ›

Categories: Health Care Reform, HIPAA, Medicare/Medicaid, News & Events, Providers

Hospital Mergers Continued to Climb in 2014

hospital mergersSince the approval of the Affordable Care Act in 2010, hospital consolidation has been on the rise and according to a report detailed in a recent Chicago Tribune article, 2014 followed suit with a “flurry of mergers, acquisitions and joint ventures.” The article features findings from a report issued by healthcare consulting firm Kaufman Hall, including that in 2014 95 deals were announced, down slightly from 98 in 2013 but up from 66 in 2010.

Passage of the Affordable Care Act (ACA) in 2010 increased pressure on hospitals to operate more effectively and efficiently, which has driven industry consolidation. The ACA favors a service model that rewards organizations for producing quality outcomes – not quantity – and many providers believe that compliance will be easier with the greater scale and integration enabled by mergers. Through consolidation, many also hope to be better positioned to attract new patients with expanded services and medical specializations.

Additionally, the ACA’s introduction of a massive wave of new patients into the healthcare system, combined with diminishing Medicaid and Medicare reimbursements, means that the business of healthcare is becoming increasingly expensive, especially for independent hospitals. Another challenge – and driving force behind consolidation – has been the need to upgrade IT systems and facilities to comply with rules and regulations beyond the ACA. Read More ›

Categories: Health Care Reform, HIPAA, HITECH Act, Hospitals, News & Events