Privacy & Security

Last week for the first time, the Office for Civil Rights of HHS reported exacting heavy financial obligations from (i) Cignet Health on February 22, 2011, with a $4.3 million civil monetary penalty assessment for violations of the HIPAA Privacy Rule, and (ii) Massachusetts General Hospital on February 24, 2011, for a settlement that includes a payment to the U.S. government of $1,000,000 for potential violations of HIPAA.
Continue Reading New Turn in the Parade of PHI Breaches: Office of Civil Rights Exacts Heavy Payments From Cignet Health and Massachusetts General Hospital

A type of relatively new insurance coverage may be an option for those who worry that even airtight, well-implemented policies and procedures may not be enough to protect a healthcare provider against financial losses from a PHI security breach.
Continue Reading PHI: What Can a Provider Do to “Insure” Against a Security Breach?

The requirements under the HIPAA/HITECH statutes and regulations for public disclosure of security breaches of Protected Health Information (“PHI”) have brought to light an increasing volume involving highly respected

Continue Reading PHI: The Parade of Security Breaches Continues to Lengthen with the Addition of Thomas Jefferson University Hospital