The Office for Civil Rights (“OCR”) of the U.S. Department of Health and Human Services recently released a “sample” letter that will be used as the template for the actual letters that OCR will issue to those covered entities that are selected for HIPAA audits in 2012.
Continue Reading HHS/OCR Audits Are Almost Here – OCR Issues “Sample” Audit Letter
HITECH
HHS/OCR Audits are Coming: What are Covered Entities Doing to Prepare?
Those entities subject to both the HIPAA privacy and security rules should pay close attention to recent action taken by the U.S. Department of Health and Human Services Office for Civil Rights, which will increase the frequency and depth of government audits for HIPAA/ITECH compliance over the next year.
Continue Reading HHS/OCR Audits are Coming: What are Covered Entities Doing to Prepare?
Stanford Hospital Emergency Room Data Breach: the Snoopy® Float Materializes in the Parade of PHI Breaches
Spectators of the Protected Health Information Breach Parade (and of the “silent brigade” of Business Associate breaches) will be awed by the sight of the recent, somewhat bizarre, Business Associate breach involving Stanford Hospital’s emergency room data.
Continue Reading Stanford Hospital Emergency Room Data Breach: the Snoopy® Float Materializes in the Parade of PHI Breaches
Selecting A Practice Management System? AMA/MGMA Toolkit May Help
Looking to buy or upgrade your scheduling, billing and collection software? Want to make sure what you’re buying meets the latest HIPAA electronic standard transaction criteria and is able to handle the new ICD-10…
Continue Reading Selecting A Practice Management System? AMA/MGMA Toolkit May Help
New Turn in the Parade of PHI Breaches: Office of Civil Rights Exacts Heavy Payments From Cignet Health and Massachusetts General Hospital
Last week for the first time, the Office for Civil Rights of HHS reported exacting heavy financial obligations from (i) Cignet Health on February 22, 2011, with a $4.3 million civil monetary penalty assessment for violations of the HIPAA Privacy Rule, and (ii) Massachusetts General Hospital on February 24, 2011, for a settlement that includes a payment to the U.S. government of $1,000,000 for potential violations of HIPAA.
Continue Reading New Turn in the Parade of PHI Breaches: Office of Civil Rights Exacts Heavy Payments From Cignet Health and Massachusetts General Hospital
The Parade of PHI Security Breaches: Escalating Enforcement Activity by State Attorneys General – Most Recently in Vermont
On January 18, 2011, the office of Attorney General William Sorrell of Vermont announced in a press release that it had settled a lawsuit against Health Net, Inc., involving an alleged PHI security breach, by means of a consent decree which requires court approval.
Continue Reading The Parade of PHI Security Breaches: Escalating Enforcement Activity by State Attorneys General – Most Recently in Vermont
HITECH EMR Incentive Registration Opens January 3, 2011
Early EHR adopters, mark your calendars: CMS will begin accepting registration for participation in the Medicare EHR incentive program beginning January 3, 2010. CMS will post a link to the registration process …
Continue Reading HITECH EMR Incentive Registration Opens January 3, 2011
PHI: The University of Tennessee Medical Center Joins the Parade of Potential Security Breaches
The University of Tennessee Medical Center based in Knoxville has apparently recently joined in the march.
Continue Reading PHI: The University of Tennessee Medical Center Joins the Parade of Potential Security Breaches
PHI: The Parade of Security Breaches Continues to Lengthen with the Addition of Henry Ford Health System
The Henry Ford Health System has notified affected patients of a breach involving unsecured PHI.
Continue Reading PHI: The Parade of Security Breaches Continues to Lengthen with the Addition of Henry Ford Health System
The Parade of PHI Security Breaches: Escalating Enforcement Activity by Attorneys General – Most Recently in Indiana
Significantly, the lawsuit by the Indiana Attorney General is not being brought under HIPAA/HITECH but under Indiana state law.
Continue Reading The Parade of PHI Security Breaches: Escalating Enforcement Activity by Attorneys General – Most Recently in Indiana