Archive for the ‘HIPAA’ Category

The Office for Civil Rights (OCR) this month is commencing its first round of audits focusing on covered entities' HIPAA security and privacy rule compliance. A pilot audit program running through April 2012 will check compliance at 20 firms to form the basis for auditing procedures in the future. Eventually, 150 covered entities will be [...]

When earlier this year the Office of Civil Rights (OCR) hit Cignet Health with a $4.3 million civil penalty, it represented the opening volley in teethier enforcement of the HIPAA Privacy Rule under a new law that vastly increased the potential for fines. Cignet received the first-ever civil penalty under 2009's Health Information Technology for [...]

The Department of Health and Human Services (HHS), through its Office of Civil Rights (OCR), has awarded a $9-million contract to KPMG to help audit 150 covered entities and business associates for adherence to HIPAA security and privacy standards. According to language in the contract, "Site visits conducted as part of every audit would include [...]

The Department of Health and Human Services (HHS) is aiming to release its long-awaited (and consolidated) Final Rule on the HIPAA privacy and security rules by the end of 2011, it was announced by Susan McAndrew, deputy director in the HHS Office for Civil Rights (OCR). The revamped regulations for the privacy and security rules [...]

The Office of Civil Rights (OCR), the unit of the Department of Health and Human Services (HHS) responsible for monitoring health information breaches, recently reported that the total number of Americans affected by large data breaches has surpassed 10 million individuals. With the enactment of the Health Information Technology for Economic and Clinical Health Act [...]

When the Office of Civil Rights (OCR) of the Department of Health and Human Services (HHS), charged with enforcing the privacy and security rules of HIPAA, recently levied a $4.3-million fine on Cignet Health of Maryland, it marked the first time a HIPAA fine had been issued. This was swiftly followed by a $1-million settlement [...]

In the wake of a spate of high-profile employee class action lawsuits on excessive 401(k) fees, the Employee Benefits Security Administration (EBSA) has jumped into the fray with the publishing of a final rule of the transparency of fees and expenses associated with 401-(k)-type retirement plans. Plan administrators will now have to provide detailed, plain-language [...]

The Internal Revenue Service (IRS) has announced dollar limits for tax-deferred retirement savings accounts for 2011, and, reflecting a flat cost-of-living index for 2010, has left those limits virtually unchanged for the new year. For instance, the limit for 401(k), 457(b) and 403(b) plans remains unchanged at $16,500, with health savings accounts (HSA) holding steady [...]

Though on Aug. 4 it withdrew its Interim Final Rule regarding HIPAA security breach notifications, the Department of Health and Human Services (HHS) has since clarified on its Web site that the suspended rule of Sept. 23, 2009, remains in effect. "This is a complex issue and the Administration is committed to ensuring that individuals’ [...]

The Department of Health and Human Services (HHS) this morning (July 8, 2010) held a press conference to announce a Notice of Proposed Rule Making (NRPM) concerning the privacy, security and enforcement provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The proposed modifications would extend parts of the HIPAA Privacy Rule [...]