The Connecticut Supreme Court handed down a decision in the case of Byrne v. Avery Center for Obstetrics and Gynecology, P.C., — A.3d —-, 2014 WL 5507439 (2014) that

[a]ssuming,


Continue Reading Connecticut Supreme Court Recognizes Individual’s Right for State Tort Action Using HIPAA as Standard of Care

Does your business associate agreement (BAA) reflect your business deal, or is it a bare bones HIPAA compliance document?

Now is the time to check. The HIPAA “Omnibus Rule” published
Continue Reading Two Months to Amend HIPAA Business Associate Agreements for Omnibus Compliance, But Beware the Bare Bones BAA

In January 2011 this blog series discussed here and here that the University of Rochester Medical Center (“URMC” or the “Medical Center”) became a marcher twice in 2010 in the
Continue Reading The Parade of Large PHI Security Breaches: The University of Rochester Medical Center Makes it a Triple in 2013

While the summaries of closed investigations posted on the U.S. Department of Health and Human Services list of breaches of unsecured PHI affecting 500 or more individuals continue to provide highly useful information for covered entities, business associates and subcontractors relative to confronting PHI breaches, large and small, they must be analyzed with appropriate care and attention paid to changes brought about by the recently-published Omnibus Rule.
Continue Reading Collateral Effects of the Omnibus Rule: Exercise Caution in Using Past OCR Summaries on Large PHI Breaches as a Roadmap for Future Guidance

The September 23, 2013 deadline for updating Business Associate Agreements is extended for one year under the Omnibus Rule for covered entities who have compliant Business Associate Agreements in place

Continue Reading Urgent – Verify Your Business Associate and Subcontractor Agreements by This Friday 1/25/13 to Qualify for Extension