Uncategorized

Dos and Don’ts from OCR’s Guidance and FAQs on Telehealth and HIPAA

By Elizabeth G. Litten on March 23, 2020

Posted in Privacy & Security, Uncategorized

On March 20, 2020, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) published Guidance and a list of FAQs related to the provision of telehealth and HIPAA compliance.

“OCR will exercise enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered…

Medicare and OCR Relax Telehealth Rules Under Medicare and HIPAA

By William Maruca on March 19, 2020

Posted in Articles, HIPAA Enforcement, Privacy & Security, Uncategorized

By Margaret J. Davino, Salvatore J. Russo and Nawa A. Lodin

In the Medicare Telemedicine Healthcare Provider Fact Sheet published March 17, 2020, the Centers for Medicare & Medicaid Services (CMS) broadened access to Medicare telehealth services to allow Medicare patients to receive more services from their doctors without travel to a health care…

COVID-19 Update: Limited Waiver of HIPAA Sanctions and Penalties for Certain Hospitals

By Elizabeth G. Litten on March 17, 2020

Posted in HIPAA Enforcement, Privacy & Security, Uncategorized

Effective March 15, 2020, certain hospitals that fail to comply with specific HIPAA Privacy Rule requirements will not be subject to HIPAA sanctions and penalties, according to a “COVID-19 & HIPAA Bulletin” issued by U.S. Health and Human Services Secretary Alex M. Azar. The waiver was implemented as a response to President Trump’s…

HIPAA and COVID-19: ABCs For Working From Home

By Elizabeth G. Litten on March 13, 2020

Posted in Privacy & Security, Uncategorized

If your company is a covered entity or a business associate, you face unique challenges when workforce members ask or are required to work from home. Hopefully, your company’s HIPAA Security Policies and Procedures address the use of portable devices, whether they are owned by the employer or by the employee, and your HIPAA security…

More for Employers re: HIPAA Privacy and COVID-19

By Elizabeth G. Litten on March 11, 2020

Posted in Privacy & Security, Uncategorized

The FAQs included in my prior post address employer response with an eye to HIPAA compliance. What else can an employer do or not do with employee information related to COVID-19 status? Even covered entities and business associates concerned with HIPAA must be alert to other laws that affect their communications and action plans. Employers…

Breach Notice Deadline Alert

By William Maruca on February 18, 2020

Posted in Articles, Breach notification, Security Breach Notification, Uncategorized

If you are a covered entity who experienced a breach of unsecured protected health information affecting fewer than 500 individuals , you must notify the Office of Human Rights of the Department of Health and Human Services of the breach within 60 days of the end of the calendar year in which the breach was…

Tell Me Again: What Can Covered Entities (or their Business Associates) Charge for Medical Records Requests?

By Elizabeth G. Litten on February 13, 2020

Posted in HIPAA Authorizations, Individual Access Rights, Uncategorized

The answer to this question has changed yet again. I’ve blogged on this topic several times in the past (see here, here and here), and described the question as a wriggling worm. Plaintiff Ciox Health, LLC has finally managed to catch that worm and share its bounty among those looking to charge third-party…

MENU

HIPAA & Health Information Technology

Uncategorized

Dos and Don’ts from OCR’s Guidance and FAQs on Telehealth and HIPAA

Medicare and OCR Relax Telehealth Rules Under Medicare and HIPAA

COVID-19 Update: Limited Waiver of HIPAA Sanctions and Penalties for Certain Hospitals

HIPAA and COVID-19: ABCs For Working From Home

More for Employers re: HIPAA Privacy and COVID-19

Breach Notice Deadline Alert

Tell Me Again: What Can Covered Entities (or their Business Associates) Charge for Medical Records Requests?

About Our Firm