In a recent Guidance, the Office of Civil Rights of the U.S. Department of Health and Human Services (“OCR”) appears to have attempted to reverse an impression that its
Continue Reading Eight Tips to Confront the New Initiative by HHS on PHI Security
OCR
“I Want My PHI”, Part 2 – OCR Audits Will Focus on Individual Access Rights
We blogged on this back in early May, but compliance with individuals’ rights to access their PHI under HIPAA is even more critical now that OCR has announced that its…
Continue Reading “I Want My PHI”, Part 2 – OCR Audits Will Focus on Individual Access Rights
A Checklist to Get Ready for the HIPAA Audits (Part 2)
Jessica Forbes Olson and T.J. Lang write:
In Part 1, we noted that on March 21, 2016, the Office of Civil Rights (“OCR”) announced it will launch a second…
Continue Reading A Checklist to Get Ready for the HIPAA Audits (Part 2)
HIPAA Audits: Ready or Not Here They Come! (Part 1)
Jessica Forbes Olson and T.J. Lang write:
On March 21, 2016, the Office of Civil Rights (“OCR”) announced it…
Continue Reading HIPAA Audits: Ready or Not Here They Come! (Part 1)
There’s An App For That Health Information – But is it HIPAA-Covered?
“Maybe” is the take-away from recent guidance posted on OCR’s mHealth Developer Portal, making me wonder whether the typical health app user will know when her health information is…
Continue Reading There’s An App For That Health Information – But is it HIPAA-Covered?
Health System Settles for $1.5 Million for Failing To Implement Business Associate Agreement
Matthew Redding contributed to this post.
It’s a familiar story: a HIPAA breach triggers an investigation which reveals systemic flaws in HIPAA compliance, resulting in a seven-figure settlement. A stolen…
Continue Reading Health System Settles for $1.5 Million for Failing To Implement Business Associate Agreement
Election Year Predictions: Expansion of Federal Healthcare Privacy Regulation
Our partner Elizabeth Litten and I were quoted by our good friend Marla Durben Hirsch in her article in Medical Practice Compliance Alert entitled “6 Compliance Trends Likely to Affect…
Continue Reading Election Year Predictions: Expansion of Federal Healthcare Privacy Regulation
Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015
When and how should you email PHI, if at all? The Office for Civil Rights (OCR) offers guidance as to the permissibility of sending PHI via email in this “Frequently…
Continue Reading Emailing PHI? NIST Seeks Comments on Trustworthy Email by November 30, 2015
Oncology Group Fined $750,000 Over Stolen Backup Media, Lax Compliance Efforts
Cancer Care Group, P.C., a 13-physician radiation oncology practice in Indiana (group), has agreed to pay $750,000 and implement a comprehensive corrective action plan in a settlement resulting from the…
Continue Reading Oncology Group Fined $750,000 Over Stolen Backup Media, Lax Compliance Efforts
Six Tips for Physicians to Protect Patient Data on the Internet
Our partner Elizabeth Litten and I were once again quoted by our good friend Marla Durben Hirsch in her recent articles in Medical Practice Compliance Alert entitled “Misapplication of Internet…
Continue Reading Six Tips for Physicians to Protect Patient Data on the Internet