Showing 28 posts in HIPAA.
Earlier this year, the Substance Abuse and Mental Health Services Administration (SAMHSA), a branch of the U.S. Department of Health and Human Services (HHS), finalized updates to the Confidentiality of Substance Use Disorder Patient Records regulation at 42 CFR Part 2 ("Part 2"). Read More ›
HHS Office for Civil Rights Publishes Checklist for HIPAA Covered Entities Responding to Cybersecurity Incidents
The U.S. Department of Health and Human Service's Office for Civil Rights ("OCR") recently published guidance for entities covered by HIPAA, entitled "My entity just experienced a cyber-attack! What do we do now?" Read More ›
A recent Memorandum issued by the Centers for Medicare & Medicaid Services ("CMS") to state survey agency directors (the "Memorandum") discusses a nursing home's responsibility to protect residents' privacy, particularly with regard to social media. The Memorandum was issued following a series of media reports documenting the inappropriate posting of residents' photographs on social media by nursing home staff. Read More ›
Advocate Health Care Network (Advocate), one of the nation’s largest health care systems, recently reached a $5.55 million settlement with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) for potential violations of the Health Insurance Portability and Accountability Act (HIPAA). The $5.55 million settlement is the largest HIPAA settlement in history against a single entity.
OCR's investigation arose after Advocate reported three separate data breaches to OCR that occurred between July and November of 2013. The first breach occurred when four desktop computers were stolen from an Advocate administrative building. Another breach occurred when an unencrypted laptop was stolen from an Advocate employee's unlocked vehicle. A third breach occurred when an unauthorized third party accessed the network of a company that provides billing services to Advocate. A total of more than 4 million patient records were affected by the breaches. Read More ›
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced that it has begun Phase 2 of its HIPAA audit program. This audit phase will impact covered entities and their business associates. Read More ›
Recent Seven Figure Settlements Underscore the Importance of HIPAA Compliance, Particularly in Light of OCR’s Announced Increase in Audit Activity
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced that it reached resolution agreements and corrective action plans with two health care entities - a health system and a research institution - in connection with alleged violations of the Health Insurance Portability and Protection Act of 1996 (HIPAA). These cases underscore the importance of ongoing HIPAA compliance vigilance by covered entities and business associates, particularly in light of OCR’s recent announcement that it has commenced Phase 2 of its audit program. Read More ›
OCR Issues Clarifying Guidance on HIPAA Privacy Rule Regarding Access to Protected Health Information
The Office of Civil Rights (“OCR”) recently issued new guidance (“Guidance”) concerning the right of individuals to access their protected health information (“PHI”) under the HIPAA Privacy Rule. The OCR explained in the Guidance that based on its enforcement experience and recent studies, individuals continue to have difficulty accessing information - even from entities required to comply with the HIPAA Privacy Rule. This is also despite improvements in technology that make access more readily available. Bottom line is that individuals must have access to their PHI and health providers need to be providing such access.
However, the Guidance further clarifies a number of issues, including permissible charges for providing information to patients, security issues, submission of requests for information, and the manner for providing access to information. Read More ›
The Department of Health and Human Services (“HHS”) recently released a HIPAA overview called “HIPAA Basics for Providers: Privacy, Security, and Breach Notification Rules” (the “Overview”). The Overview is intended to provide HIPAA Covered Entities such as physicians, hospitals, and other health care providers with a basic overview of HIPAA’s rules and responsibilities. The fact sheet also provides an overview to Business Associates (such as law firms and accounting firms who receive protected health information ("PHI") from Covered Entities). The Overview can be found here.
The Overview explains that the HIPAA Privacy Rule protects individually identifiable PHI, which includes information such as an individual’s past, present, or future physical or mental health condition. Read More ›
Foster Swift health care attorneys recently attended and presented at the 21st Annual Health Law Institute on March 12 and 13, 2015. The two-day institute, which was co-sponsored by the Institute for Continuing Legal Education and the Health Care Law Section of the State Bar of Michigan, included presentations on recent statutory, regulatory, and case law developments in the health care industry.
Foster Swift Attorney Jennifer Van Regenmorter co-presented the “Michigan Health Law Update,” which provided an overview of Michigan’s most significant health law developments from the past year. This was Van Regenmorter’s third time presenting this yearly update at the Institute. Read More ›
The February issue of the American Health Lawyers Association’s AHLA Connections features a list of the top ten issues that will impact healthcare law in 2015. We summarized the first five topics in a previous blog. (Miss our summary of the first five? Please click here.)
Here are the remaining trends to think about: Read More ›
- News & Events
- Health Insurance Exchange
- Fraud & Abuse
- Employee Benefits
- Digital Assets
- Affordable Care Act
- Labor Relations
- Health Care Reform
- HITECH Act
- Long Term Care
- Electronic Health Records
- 6th Circuit Court of Appeals
- Accountable Care Organizations
- Did you Know?