Articles and Blogs

HIPAA

Business Associate’s Data Breach Leads to $500,000 Fine for Hospitalist Group

[12/10/18]

Posted on December 10, 2018 in Health Information Technology

Published by: Hall Render

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced on December 4, 2018 that a hospitalist group (“Group”) that works with hospitals and nursing homes to provide internal medicine physicians has agreed to pay $500,000 and adopt a corrective action plan to settle alleged violations of the Health Insurance... READ MORE

Tags: , , , ,

Disclosing PHI to a Reporter Leads to $125,000 HIPAA Settlement

[11/29/18]

Posted on November 29, 2018 in Health Information Technology

Published by: Hall Render

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”), announced that a small professional association with three doctors and four locations (the “Practice”) has agreed to pay $125,000 and adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The... READ MORE

Tags: , , , ,

Largest Health Data Breach = Largest OCR Settlement in History

[10/19/18]

Posted on October 19, 2018 in Health Information Technology

Published by: Hall Render

On October 15, 2018, the Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that it had reached a record $16 million settlement with Anthem arising out of alleged violations of the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The settlement comes... READ MORE

Tags: , , , , , ,

Hospitals Fined for Allowing Documentary Film Crews to Film Patients Without Consent

[09/24/18]

Posted on September 24, 2018 in Health Information Technology

Published by: Hall Render

The Department of Health and Human Services Office for Civil Rights (“OCR”) fined three separate hospitals a cumulative total of $999,000 to settle potential violations of HIPAA arising from allowing film crews on premises to film a reality television show without first obtaining patient authorizations. The OCR Resolution Agreement can be found here. Generally, a... READ MORE

Tags: , , , ,

Don’t Forget! HIPAA Breaches Affecting Fewer Than 500 Must Be Reported to OCR by March 1, 2017

[02/21/17]

Posted on February 21, 2017 in Health Law News

Published by: Hall Render

Under the Breach Notification Rule, HIPAA covered entities are required to submit reports of certain breaches of unsecured protected health information (“PHI”) affecting fewer than 500 individuals to the Office for Civil Rights (“OCR”) on an annual basis. Covered entities must submit their breaches electronically through OCR’s breach notification web page, which can be... READ MORE

Tags: , , , ,

OCR Announces Largest Single-Entity Settlement to Date

[08/18/16]

Posted on August 18, 2016 in Health Law News

Published by: Hall Render

On August 4, the Office for Civil Rights (“OCR”) announced a $5.55 million settlement with the largest fully integrated health care system in Illinois. The settlement is the largest HIPAA settlement ever by a single entity and follows two recent settlements with university health systems in Oregon and Mississippi that were $2.7 million and... READ MORE

Tags:

Did You Get an OCR HIPAA Audit Letter or a Golden Pass?

[07/19/16]

Posted on July 19, 2016 in Health Law News

Published by: Hall Render

The Office for Civil Rights (“OCR”), Department of Health and Human Services (“HHS”), emailed notices to 167 covered entities on July 11, 2016 informing them they were selected for a HIPAA Phase II audit. Health care providers, health plans and health care clearinghouses were randomly selected by OCR from the audit pool. If your organization... READ MORE

Tags:

HIPAA on the Small Screen: OCR Penalizes Unauthorized Patient Filming

[04/27/16]

Posted on April 27, 2016 in Health Law News

Published by: Hall Render

On April 21, 2016, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a $2.2 million settlement with a New York hospital (“Hospital”) stemming from unauthorized patient filming by ABC’s NY Med television show. In what OCR called an egregious disclosure of protected health information (“PHI”) in violation of... READ MORE

Tags:

Business Associate Agreements Are Critical to HIPAA Compliance: OCR Announces $755,000 Settlement Action

[04/26/16]

Posted on April 26, 2016 in Health Law News

Published by: Hall Render

On April 19, 2016, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) reached a settlement in the amount of $755,000 with a North Carolina orthopedic clinic (“Clinic”) for failing to execute a business associate agreement with a third-party vendor. This is OCR’s second settlement this year related to business... READ MORE

Tags: ,

Patients’ Access Rights and Permissible Fees Under HIPAA

[03/22/16]

Posted on March 22, 2016 in Health Law News

Published by: Hall Render

On January 7, 2016, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) released new guidance clarifying an individual’s right to access his or her medical record under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). On February 25, 2016, OCR released additional guidance explaining the permissible reasonable cost-based... READ MORE

Tags: