Time is Money: HIPAA Enforcement Action for Untimely Breach Notice Settles for $475,000

Many New Year’s Resolutions focus on actions intended to save money and reduce stress. Organizations, especially those in the health care industry, should consider a resolution to review their breach notification procedures to assure timely notification of future data breach … Continue reading

Posted in Data Breach, HHS, HIPAA

Share this Article:

HIPAA News: HHS Getting Tough On ePHI Data Breaches

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA from three ePHI breach events in 2013.  … Continue reading

Posted in Cyber Security, Data Breach, Government Regulations, HHS, HIPAA

Share this Article:

Ransomware Attacks on ePHI May Be a Data Breach Under HIPAA

On July 11, 2016, the Office of Civil Rights (“OCR”) at the Department of Health and Human Services issued new HIPAA guidance regarding the growing epidemic of malicious computer software known as “ransomware”. Perhaps the most significant conclusion in the … Continue reading

Posted in Data Breach, Government Regulations, HHS, HIPAA, Ransomware

Share this Article:

New HIPAA Audits Have Begun. Time to Prepare for the “Audit Lottery.”

The US Department of Health and Human Services Office of Civil Rights (OCR) recently announced that it has activated Phase 2 of the HIPAA Audit Program. OCR’s new Phase 2 will focus on reviewing the policies and procedures of covered … Continue reading

Posted in Government Regulations, HHS, HIPAA, Privacy

Share this Article:

Connecticut AG Enforces HIPAA Privacy Rules Against Hospital and its Business Associate

Last week, the Connecticut Attorney General’s office announced that it had entered into a settlement agreement with the Hartford Hospital and its business associate vendor, the EMC Corporation (EMC), to resolve claims arising from an investigation into the 2012 theft … Continue reading

Posted in Data Breach, Government Regulations, HIPAA, Uncategorized

Share this Article:

New HIPAA Audit Program Expected in 2016

The U.S. Department of Health and Human Services’ Office of Inspector General (OIG) recently issued a report reviewing the HIPAA audit program that is administered by the Office of Civil Rights (OCR).  The OCR is responsible for enforcing the regulations … Continue reading

Posted in Data Breach, Government Regulations, HIPAA

Share this Article:

Jury Clears UCLA Health in Lawsuit Stemming From Improper Access to PHI by Plaintiff’s Romantic Rival

A UCLA employee and patient now has celebrity-level security on her protected health information (PHI) as maintained by the UCLA Health system, but a jury denied her the $1.25 million in emotional distress damages she sought after a romantic rival … Continue reading

Posted in Data Breach, Data Protection, HIPAA, Privacy

Share this Article:

HIPAA “Phase 2” Audits: Are You Ready?

The Civil Rights Office of the Department of Health and Human Services announced a “Phase 2” audit program in the Fall of 2014.  That audit program was delayed due to funding issues, but appears to be back on schedule for … Continue reading

Posted in Government Regulations, HIPAA, Privacy

Share this Article:

Why You Need a Privacy Policy – Part 2: Avoiding Three Common Fumbles

In Part 1, which can be found here, we covered some basic privacy policy concepts.  Here in Part 2, we address three problems associated with privacy policies in practice. 1.    You Don’t Have One, But You Really Should  There is … Continue reading

Posted in Cyber Security, Data Protection, FCC, FTC, Government Regulations, HIPAA, Privacy, Privacy Policy

Share this Article:

Why You Need a Privacy Policy – Part 1

A privacy policy is a key legal document in this new era of Big/Data/Breaches.  When distilled to its essence, a privacy policy is simply “say what you do, and do what you say” with others’ personal information.  A growing number of companies have them, … Continue reading

Posted in Data Protection, Government Regulations, HIPAA, Privacy Policy

Share this Article: