HHS Office for Civil Rights (OCR)’s April 3, 2019 cybersecurity newsletter highlights one of the more challenging cybersecurity vulnerabilities faced by covered entities and business associates.  OCR reminds covered entities
Continue Reading HIPAA Security and “Zero Day” Exploits: How to Stay Ahead of the Hack

I’m sure fellow bloggers Bill Maruca and Michael Kline join me in giving three cheers for the recent growth in our firm’s health care practice (welcome, Minneapolis!) and
Continue Reading HIP-HIP(AA)-HOORAY: Margaret Davino, Esq. Joins Fox Rothschild HIPAA Team and Offers 5 Tips for 2016 HIPAA Compliance

Under HIPAA, where do we draw the line between a run-of-the-mill, ordinary garden variety “security incident” and a “presumed breach” when it comes to reporting PHI events? How do we describe these types of reporting obligations in business associate agreements?
Continue Reading Do I really need to report (or get a report on) every “Security Incident” under the sun to comply with HIPAA?