{ Banner Image }

Showing 30 posts in HIPAA.

HIPAA Disclosures of Protected Health Information after Dobbs v. Jackson Women's Health Organization: Foster Swift Highlights Navigating Michigan and Federal Law

Confidential HIPPA FileAfter the Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization overturned Roe v. Wade on June 24, 2022, the Department of Health and Human Services (“HHS”) was tasked with responding to how the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) would be affected. Particularly, HHS’s Office for Civil Rights has released guidance regarding how the HIPAA Privacy Rule may or may not permit disclosure of an individual’s sexual and reproductive health information without express authorization from the patient. Read More ›

Categories: Alerts and Updates, Electronic Health Records, Health Care Reform, HIPAA

HIPAA Compliance Considerations During the Pandemic

HIPAA Compliance COVIDThis article has been updated with new information since it was originally published on November 16, 2020.

As health care providers continue to face new challenges relating to the COVID-19 pandemic, it is important for providers to maintain compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Although the Department of Health and Human Services Office for Civil Rights (“OCR”) has loosened some requirements to allow health care providers flexibility during the COVID-19 pandemic, a majority of the patient protections under the HIPAA Privacy Rule have remained intact. Read More ›

Categories: Compliance, Cybersecurity, Electronic Health Records, HIPAA

Updates to the Confidentiality of Substance Use Disorder Patient Records Regulations

Earlier this year, the Substance Abuse and Mental Health Services Administration (SAMHSA), a branch of the U.S. Department of Health and Human Services (HHS), finalized updates to the Confidentiality of Substance Use Disorder Patient Records regulation at 42 CFR Part 2 ("Part 2"). Read More ›

Categories: Electronic Health Records, HIPAA, Hospitals, Physicians, Providers

HHS Office for Civil Rights Publishes Checklist for HIPAA Covered Entities Responding to Cybersecurity Incidents

The U.S. Department of Health and Human Service's Office for Civil Rights ("OCR") recently published guidance for entities covered by HIPAA, entitled "My entity just experienced a cyber-attack! What do we do now?" Read More ›

Categories: Cybersecurity, Digital Assets, Electronic Health Records, Fraud & Abuse, HIPAA

Nursing Homes Should Review Privacy Policies in Light of Recent CMS Guidance

A recent Memorandum issued by the Centers for Medicare & Medicaid Services ("CMS") to state survey agency directors (the "Memorandum") discusses a nursing home's responsibility to protect residents' privacy, particularly with regard to social media. The Memorandum was issued following a series of media reports documenting the inappropriate posting of residents' photographs on social media by nursing home staff.  Read More ›

Categories: HIPAA, Medicare/Medicaid, Privacy

Data Breaches Lead to Record-Breaking HIPAA Settlement

HIPAAAdvocate Health Care Network (Advocate), one of the nation’s largest health care systems, recently reached a $5.55 million settlement with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) for potential violations of the Health Insurance Portability and Accountability Act (HIPAA). The $5.55 million settlement is the largest HIPAA settlement in history against a single entity.

OCR's investigation arose after Advocate reported three separate data breaches to OCR that occurred between July and November of 2013. The first breach occurred when four desktop computers were stolen from an Advocate administrative building. Another breach occurred when an unencrypted laptop was stolen from an Advocate employee's unlocked vehicle. A third breach occurred when an unauthorized third party accessed the network of a company that provides billing services to Advocate. A total of more than 4 million patient records were affected by the breaches.  Read More ›

Categories: Audits, Compliance, HIPAA, News & Events

OCR Begins Phase 2 Audit Program of Covered Entities and Business Associates

AuditThe U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced that it has begun Phase 2 of its HIPAA audit program. This audit phase will impact covered entities and their business associates. Read More ›

Categories: Compliance, HIPAA, Hospitals, Providers

Recent Seven Figure Settlements Underscore the Importance of HIPAA Compliance, Particularly in Light of OCR’s Announced Increase in Audit Activity

Recent Seven Figure Settlements Underscore the Importance of HIPAA Compliance, Particularly in Light of OCR’s Announced Increase in Audit ActivityThe Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced that it reached resolution agreements and corrective action plans with two health care entities - a health system and a research institution - in connection with alleged violations of the Health Insurance Portability and Protection Act of 1996 (HIPAA). These cases underscore the importance of ongoing HIPAA compliance vigilance by covered entities and business associates, particularly in light of OCR’s recent announcement that it has commenced Phase 2 of its audit program. Read More ›

Categories: Audits, Compliance, HIPAA, Providers

OCR Issues Clarifying Guidance on HIPAA Privacy Rule Regarding Access to Protected Health Information

The Office of Civil Rights (“OCR”) recently issued new guidance (“Guidance”) concerning the right of individuals to access their protected health information (“PHI”) under the HIPAA Privacy Rule. The OCR explained in the Guidance that based on its enforcement experience and recent studies, individuals continue to have difficulty accessing information - even from entities required to comply with the HIPAA Privacy Rule. This is also despite improvements in technology that make access more readily available. Bottom line is that individuals must have access to their PHI and health providers need to be providing such access.

However, the Guidance further clarifies a number of issues, including permissible charges for providing information to patients, security issues, submission of requests for information, and the manner for providing access to information. Read More ›

Categories: HIPAA, News & Events, Privacy

HHS Issues HIPAA “Basics” Fact Sheet

hipaa basics fact sheetThe Department of Health and Human Services (“HHS”) recently released a HIPAA overview called “HIPAA Basics for Providers: Privacy, Security, and Breach Notification Rules” (the “Overview”). The Overview is intended to provide HIPAA Covered Entities such as physicians, hospitals, and other health care providers with a basic overview of HIPAA’s rules and responsibilities. The fact sheet also provides an overview to Business Associates (such as law firms and accounting firms who receive protected health information ("PHI") from Covered Entities). The Overview can be found here.

The Overview explains that the HIPAA Privacy Rule protects individually identifiable PHI, which includes information such as an individual’s past, present, or future physical or mental health condition. Read More ›

Categories: HIPAA, News & Events, Privacy, Providers

Subscribe to RSS»
Get Updates By Email:

Best Lawyers® 2021

Congratulations to the attorneys of the Health Care practice group at Foster Swift Collins & Smith, PC for their inclusion in the Best Lawyers in America 2021 edition. Firm-wide, 44 lawyers were listed. Best Lawyers lists are compiled based on an exhaustive peer-review evaluation and as lawyers are not required or allowed to pay a fee to be listed; inclusion in Best Lawyers is considered a singular honor. Health Care practice group members listed in Best Lawyers are as follows:

To see the full list of Foster Swift attorneys listed in Best Lawyers 2021, click here.