Privacy & Security

Dos and Don’ts from OCR’s Guidance and FAQs on Telehealth and HIPAA

By Elizabeth G. Litten on March 23, 2020

Posted in Privacy & Security, Uncategorized

On March 20, 2020, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published Guidance and a list of FAQs related to the provision of telehealth and HIPAA compliance.

“OCR will exercise enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered…

Medicare and OCR Relax Telehealth Rules Under Medicare and HIPAA

By William Maruca on March 19, 2020

Posted in Articles, HIPAA Enforcement, Privacy & Security, Uncategorized

By Margaret J. Davino, Salvatore J. Russo and Nawa A. Lodin

In the Medicare Telemedicine Healthcare Provider Fact Sheet published March 17, 2020, the Centers for Medicare & Medicaid Services (CMS) broadened access to Medicare telehealth services to allow Medicare patients to receive more services from their doctors without travel to a health care…

COVID-19 Update: Limited Waiver of HIPAA Sanctions and Penalties for Certain Hospitals

By Elizabeth G. Litten on March 17, 2020

Posted in HIPAA Enforcement, Privacy & Security, Uncategorized

Effective March 15, 2020, certain hospitals that fail to comply with specific HIPAA Privacy Rule requirements will not be subject to HIPAA sanctions and penalties, according to a “COVID-19 & HIPAA Bulletin” issued by U.S. Health and Human Services Secretary Alex M. Azar. The waiver was implemented as a response to President Trump’s…

HIPAA and COVID-19: ABCs For Working From Home

By Elizabeth G. Litten on March 13, 2020

Posted in Privacy & Security, Uncategorized

If your company is a covered entity or a business associate, you face unique challenges when workforce members ask or are required to work from home. Hopefully, your company’s HIPAA Security Policies and Procedures address the use of portable devices, whether they are owned by the employer or by the employee, and your HIPAA security…

More for Employers re: HIPAA Privacy and COVID-19

By Elizabeth G. Litten on March 11, 2020

Posted in Privacy & Security, Uncategorized

The FAQs included in my prior post address employer response with an eye to HIPAA compliance. What else can an employer do or not do with employee information related to COVID-19 status? Even covered entities and business associates concerned with HIPAA must be alert to other laws that affect their communications and action plans. Employers…

FAQs on HIPAA Privacy and COVID-19

By Elizabeth G. Litten on March 10, 2020

Posted in Privacy & Security

Fox Rothschild partner Bill Maruca’s article, “Protecting Privacy During an Infectious Disease Panic”, is (unfortunately) as relevant today as it was when it was posted here more than 5 years ago. Swap Ebola for COVID-19, and the article provides useful guidance for covered entities and business associates subject to HIPAA and to employers, family and…

Does the HIPAA Concept of De-identification Serve to Adequately Protect the Privacy of all Personal Health Information?

By Elizabeth G. Litten on February 26, 2020

Posted in Privacy & Security

Fellow Fox Rothschild LLP Partner (and former hospital system General Counsel) Salvatore J. Russo generously contributed this post.

Some twenty-three years ago, the first well-publicized incident of the re-identification of de-identified personal health data was brought to the attention of the American public. It involved the then governor of Massachusetts, William Weld. Dr. Latanya Sweeney…

Foreshadowing HIPAA Trends for 2020

By Michael Kline on January 13, 2020

Posted in Articles, Privacy & Security

As she has done for a number of years now, our good friend Marla Durben Hirsch highlighted Fox Rothschild (Fox) lawyers in her annual predictions articles in the January 2020 issue of Medical Practice Compliance Alert (MPCA). In her first article entitled “Technology will propel compliance trends in 2020”, Marla included the following…

HIPAA versus FERPA: New Joint Guidance Highlights Emergencies and Complexities

By Elizabeth G. Litten on December 30, 2019

Posted in Privacy & Security

More than eleven years have passed since the U.S. Department of Health and Human Services (HHS), the agency responsible for the privacy of protected health information under HIPAA, and the U.S. Department of Education (DOE), the agency responsible for the privacy of student records under FERPA, issued joint guidance on the interplay between HIPAA and…

How the Grinch Steals Health Care Data: OCR Warnings and Tips in Time for the Holidays

By Elizabeth G. Litten on December 4, 2019

Posted in Health IT, Privacy & Security

More and more often, health care data is stolen or made inaccessible by targeted ransomware attacks. The Office for Civil Rights (OCR) published a newsletter this week that provides warnings for HIPAA covered entities and business associates. It also provides practical tips to prevent and help you survive these attacks.

OCR’s warnings should resonate with…

MENU

HIPAA & Health Information Technology

Privacy & Security

Dos and Don’ts from OCR’s Guidance and FAQs on Telehealth and HIPAA

Medicare and OCR Relax Telehealth Rules Under Medicare and HIPAA

COVID-19 Update: Limited Waiver of HIPAA Sanctions and Penalties for Certain Hospitals

HIPAA and COVID-19: ABCs For Working From Home

More for Employers re: HIPAA Privacy and COVID-19

Does the HIPAA Concept of De-identification Serve to Adequately Protect the Privacy of all Personal Health Information?

Foreshadowing HIPAA Trends for 2020

HIPAA versus FERPA: New Joint Guidance Highlights Emergencies and Complexities

How the Grinch Steals Health Care Data: OCR Warnings and Tips in Time for the Holidays

About Our Firm