HIPAA Business Associates

With the explosion of health data sifting through cutting-edge companies, industry stakeholders are left to wonder how wearable devices, wellness programs, health applications, and the like should be regulated.

Despite
Continue Reading Wearable Devices, Wellness Programs, and Health Apps: The Fringes of HIPAA

HHS Office for Civil Rights (OCR)’s April 3, 2019 cybersecurity newsletter highlights one of the more challenging cybersecurity vulnerabilities faced by covered entities and business associates.  OCR reminds covered entities
Continue Reading HIPAA Security and “Zero Day” Exploits: How to Stay Ahead of the Hack

Yesterday’s listserv announcement from the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) brought to mind this question. The post announces the agreement
Continue Reading To BAA or Not to BAA? The Question a Florida Provider Should Have Asked in 2011 Results in a Half Million Dollar Payment in 2018

Many employers who offer wellness programs to their employees may not have considered compliance with HIPAA privacy, security and breach notification rules (collectively, “HIPAA Rules”), since they don’t think of
Continue Reading Beware: HIPAA Applies to the Health Plans You Never Knew You Had (Part 2: Wellness Programs)

You may be surprised to learn that those “extra” benefits your company offers to its employees such as your employee assistance program (“EAP”) and wellness program likely are subject to
Continue Reading Beware: HIPAA Applies to the Health Plans You Never Knew You Had (Part 1: Employee Assistance Programs)