Medicare beneficiaries whose healthcare providers participate in an Accountable Care Organization (ACO) under the Medicare Shared Savings Program (MSSP) may want to add the Centers for Medicare & Medicaid Services
Continue Reading “No” to ACO Data Sharing? Proposed Rules Tweak Medicare Beneficiary Opt-Out Notice Procedure
Department of Health and Human Services
The Parade of Major Reported PHI Breaches Surges to 885 – Theft and Loss Dominate the Numbers
By Fox Rothschild on
The number of large breaches of Protected Health Information (PHI) under HIPAA that have been reported on the so-called “Wall of Shame” (the HHS List) maintained by the U.S. Department …
Continue Reading The Parade of Major Reported PHI Breaches Surges to 885 – Theft and Loss Dominate the Numbers
Two Months to Amend HIPAA Business Associate Agreements for Omnibus Compliance, But Beware the Bare Bones BAA
By Elizabeth G. Litten on
Does your business associate agreement (BAA) reflect your business deal, or is it a bare bones HIPAA compliance document?
Now is the time to check. The HIPAA “Omnibus Rule” published…
Continue Reading Two Months to Amend HIPAA Business Associate Agreements for Omnibus Compliance, But Beware the Bare Bones BAA
Hobby Lobby, HIPAA and Happy Independence Day
By Elizabeth G. Litten on
The recent United States Supreme Court decision in Burwell v. Hobby Lobby Stores, Inc. has attorneys, pundits, policy-makers and businesses (yes, corporations are people, too) pondering big, quintessentially American…
Continue Reading Hobby Lobby, HIPAA and Happy Independence Day
Paper Records HIPAA Violation Results in $800,000 Payment under HHS Resolution Agreement
By Fox Rothschild on
My partner Elizabeth Litten was quoted at length by Alexis Kateifides in his recent article in DataGuidance entitled “USA: ‘Unique’ HIPAA violation results in $800,000 settlement.” While the full text…
Continue Reading Paper Records HIPAA Violation Results in $800,000 Payment under HHS Resolution Agreement
The Wild West of Data Breach Enforcement by the Feds
Imagine you have completed your HIPAA risk assessment and implemented a robust privacy and security plan designed to meet each criteria of the Omnibus Rule. You think that, should you…
Continue Reading The Wild West of Data Breach Enforcement by the Feds
Puerto Rico Raises a High Bar for Fines Levied for PHI Breaches
By Elizabeth G. Litten on
My partner Bill Maruca was quoted in Jeff Overley’s article “Historic HIPAA Fine Will Push Feds To Get Tougher” published in Law360 on Friday, February 20, 2014. The article reports…
Continue Reading Puerto Rico Raises a High Bar for Fines Levied for PHI Breaches
The Parade of PHI Security Breaches: Why Did it Take Two Years for the Status of Minne-Tohe Health Center as a Marcher to be Disclosed?
By Fox Rothschild on
It is noteworthy that there are often substantial delays in disclosures regarding covered entities (“CEs”) that have become marchers in the Parade of large Protected Health Information (“PHI”) security breaches…
Continue Reading The Parade of PHI Security Breaches: Why Did it Take Two Years for the Status of Minne-Tohe Health Center as a Marcher to be Disclosed?
A Business Associate Agreement Dilemma: To Indemnify or Not to Indemnify – Ten Considerations
By Fox Rothschild on
A party (Party) to a HIPAA Business Associate Agreement (BAA) or Subcontractor Agreement (SCA), whether a covered entity (CE), business associate (BA) or subcontractor (SC), may struggle with the question…
Continue Reading A Business Associate Agreement Dilemma: To Indemnify or Not to Indemnify – Ten Considerations
Ten Days, Ten Tips – Countdown to Omnibus Rule Compliance #3
By Elizabeth G. Litten on
Unless the Department of Health and Human Services (HHS) makes another last-minute, litigation-inspired decision to delay the September 23, 2013 compliance date, we’re well into the 10-day countdown for compliance…
Continue Reading Ten Days, Ten Tips – Countdown to Omnibus Rule Compliance #3