HIPAA | Data Privacy and Protection Blog

Time is Money: HIPAA Enforcement Action for Untimely Breach Notice Settles for $475,000

Posted on: January 24, 2017 By: Creighton Dixon

Many New Year’s Resolutions focus on actions intended to save money and reduce stress. Organizations, especially those in the health care industry, should consider a resolution to review their breach notification procedures to assure timely notification of future data breach … Continue reading →

Posted in Data Breach, HHS, HIPAA

HIPAA News: HHS Getting Tough On ePHI Data Breaches

Posted on: August 6, 2016 By: Patrick X. Fowler

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA from three ePHI breach events in 2013. … Continue reading →

Posted in Cyber Security, Data Breach, Government Regulations, HHS, HIPAA

Ransomware Attacks on ePHI May Be a Data Breach Under HIPAA

Posted on: July 19, 2016 By: Patrick X. Fowler

On July 11, 2016, the Office of Civil Rights (“OCR”) at the Department of Health and Human Services issued new HIPAA guidance regarding the growing epidemic of malicious computer software known as “ransomware”. Perhaps the most significant conclusion in the … Continue reading →

Posted in Data Breach, Government Regulations, HHS, HIPAA, Ransomware

New HIPAA Audits Have Begun. Time to Prepare for the “Audit Lottery.”

Posted on: March 22, 2016 By: Eric Kintner

The US Department of Health and Human Services Office of Civil Rights (OCR) recently announced that it has activated Phase 2 of the HIPAA Audit Program. OCR’s new Phase 2 will focus on reviewing the policies and procedures of covered … Continue reading →

Posted in Government Regulations, HHS, HIPAA, Privacy

Connecticut AG Enforces HIPAA Privacy Rules Against Hospital and its Business Associate

Posted on: November 25, 2015 By: Eric Kintner

Last week, the Connecticut Attorney General’s office announced that it had entered into a settlement agreement with the Hartford Hospital and its business associate vendor, the EMC Corporation (EMC), to resolve claims arising from an investigation into the 2012 theft … Continue reading →

Posted in Data Breach, Government Regulations, HIPAA, Uncategorized

New HIPAA Audit Program Expected in 2016

Posted on: November 19, 2015 By: Eric Kintner

The U.S. Department of Health and Human Services’ Office of Inspector General (OIG) recently issued a report reviewing the HIPAA audit program that is administered by the Office of Civil Rights (OCR). The OCR is responsible for enforcing the regulations … Continue reading →

Posted in Data Breach, Government Regulations, HIPAA

Jury Clears UCLA Health in Lawsuit Stemming From Improper Access to PHI by Plaintiff’s Romantic Rival

Posted on: September 16, 2015 By: Sara J. Agne

A UCLA employee and patient now has celebrity-level security on her protected health information (PHI) as maintained by the UCLA Health system, but a jury denied her the $1.25 million in emotional distress damages she sought after a romantic rival … Continue reading →

Posted in Data Breach, Data Protection, HIPAA, Privacy

HIPAA “Phase 2” Audits: Are You Ready?

Posted on: May 5, 2015 By: Marvin "Bucky" Swift

The Civil Rights Office of the Department of Health and Human Services announced a “Phase 2” audit program in the Fall of 2014. That audit program was delayed due to funding issues, but appears to be back on schedule for … Continue reading →

Posted in Government Regulations, HIPAA, Privacy

Why You Need a Privacy Policy – Part 2: Avoiding Three Common Fumbles

Posted on: March 12, 2015 By: Patrick X. Fowler

In Part 1, which can be found here, we covered some basic privacy policy concepts. Here in Part 2, we address three problems associated with privacy policies in practice. 1. You Don’t Have One, But You Really Should There is … Continue reading →

Posted in Cyber Security, Data Protection, FCC, FTC, Government Regulations, HIPAA, Privacy, Privacy Policy

Why You Need a Privacy Policy – Part 1

Posted on: March 10, 2015 By: Patrick X. Fowler

A privacy policy is a key legal document in this new era of Big/Data/Breaches. When distilled to its essence, a privacy policy is simply “say what you do, and do what you say” with others’ personal information. A growing number of companies have them, … Continue reading →

Posted in Data Protection, Government Regulations, HIPAA, Privacy Policy

Subscribe Today

About This Blog

Search Blog

Blog Contributors

Topics

Category: HIPAA