Articles and Blogs

HIPAA

The Importance to HIPAA Compliance of IT System Monitoring and Support: HHS Announces $150,000 HIPAA Enforcement Action

[12/10/14]

Posted on December 10, 2014 in Health Law News

Published by: Hall Render

On December 8, 2014, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with a nonprofit, community mental health care provider (“Provider”) arising out of alleged violations of the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The settlement comes after an HHS... READ MORE

Tags:

Employer Liability for HIPAA Violations: A New Day Dawning?

[12/04/14]

Posted on December 4, 2014 in Health Law News

Published by: Hall Render

The Indiana Court of Appeals recently issued an opinion in the case of Walgreen Co. vs Hinchy that could permanently alter the landscape for employer liability for HIPAA violations committed by employees.  Health care providers should be aware of this case and take actions to limit their exposure to this type of liability. Background... READ MORE

Tags:

OIG Fiscal Year 2015 Work Plan

[11/05/14]

Posted on November 5, 2014 in Health Information Technology

Written by: Justin C. Ralston

On October 31, 2014, the U.S. Department of Health and Human Services Office of Inspector General (“OIG”) released the Work Plan for Fiscal Year 2015 (“Work Plan”). The Work Plan confirms OIG will continue to concentrate a great deal of their enforcement efforts on the security and vulnerabilities of protected health information (“PHI”) contained... READ MORE

Tags: , , , , , ,

HIPAA Harmonization Act Changes Rules Regarding Mental Health Treatment Record Privacy in Wisconsin

[06/30/14]

Posted on June 30, 2014 in Health Law News

Published by: Hall Render

Governor Scott Walker recently signed into law the HIPAA Harmonization – Mental Health Care Coordination Act (2013 WI Act 238, the “Act”).  The Act is intended to alleviate barriers to coordination of care for patients receiving mental health treatment by aligning aspects of Wisconsin’s mental health privacy laws with the Federal Health Insurance Portability... READ MORE

Tags:

OCR Counsel Warns of Increased HIPAA Enforcement

[06/23/14]

Posted on June 23, 2014 in Health Information Technology

Written by: Lea H. Lockhart

OCR Chief Regional Counsel for Region V, Jerome Meites, has warned that enforcement activity over the past year will “pale in comparison” to the next 12 months. While Mr. Meites was not specific as to this pronouncement being limited to Region V, it may be important to note that Region V covers Illinois, Indiana,... READ MORE

Tags:

HHS Announces Largest HIPAA Settlement to Date

[05/09/14]

Posted on May 9, 2014 in Health Law News

Published by: Hall Render

On May 8, 2014, the Department of Health and Human Services (“HHS”) announced that it had reached settlements with two health care organizations arising from alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy and Security Rules.  The settlements result from the organizations’ failure to secure thousands of patients’ electronic protected... READ MORE

Tags:

HHS Announces HIPAA Settlements for Stolen Laptops

[04/25/14]

Posted on April 25, 2014 in Health Law News

Published by: Hall Render

On April 22, 2014, the Department of Health and Human Services (“HHS”) announced that it reached settlements with two covered entities arising from alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy and Security Rules.  Both settlements involve the theft of unencrypted laptops and follow investigations in which the Office for... READ MORE

Tags:

Impacts of Heartbleed Exploit Come to Light

[04/15/14]

Posted on April 15, 2014 in Health Information Technology

Written by: William A. Dummett

Following recent news about the Heartbleed exploit, CloudFlare, a San Francisco-based security services company, challenged hackers to use Heartbleed to get private encryption keys that would unlock secure data. It reported multiple winners to its challenge. By obtaining the private key for an SSL/TLS certificate, an attacker could set up a fake website that passes... READ MORE

Tags: , ,

HHS Announces HIPAA Settlement with County Department of Health

[03/14/14]

Posted on March 14, 2014 in Health Law News

Published by: Hall Render

On March 7, 2014, the U.S. Department of Health and Human Services (“HHS”) announced that it reached a settlement with a county in Washington state (the “County”) stemming from alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security and Breach Notification Rules.  The settlement comes after the County reported a... READ MORE

Tags:

The Deadline for Annual HIPAA Breach Notification Reports Is Fast Approaching

[02/17/14]

Posted on February 17, 2014 in Health Law News

Published by: Hall Render

Under the Breach Notification Rule, HIPAA covered entities are required to submit reports of certain breaches of unsecured protected health information (“PHI”) affecting fewer than 500 individuals to the Office for Civil Rights (“OCR”) on an annual basis.  No later than March 1, 2014, covered entities must submit their breaches electronically through OCR’s breach... READ MORE

Tags: