HIPAA Allows Information Sharing with Loved Ones in Opioid Crisis, OCR Says

Following President Trump’s call to action that led to the declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights (OCR) is releasing new guidance on when and how healthcare providers can share a patient’s health information with his or her family members, friends, and legal personal representatives […]

Read the rest of this entry »
GoTo top Top

HHS Improves HIPAA Breach Web Reporting Tool

The Department of Health and Human Services (HHS) and its Office for Civil Rights (OCR) have launched a revised web tool that puts important information into the hands of individuals, empowering them to better identify recent breaches of health information and to learn how all breaches of health information are investigated and successfully resolved. The […]

Read the rest of this entry »
GoTo top Top

OCR Releases Guidance on Protecting ePHI from Cyber Threats

The Office for Civil Rights (OCR), the entity within the Department of Health and Human Services (HHS) that enforces the Privacy, Security and Breach rules of HIPAA, has released new guidance advising covered entities and business associates on best practices for preventing and reporting cyber attacks. “Reporting and Monitoring Cyber Threats” advises companies that maintain […]

Read the rest of this entry »
GoTo top Top

Small Breach Notifications Due by March 1

HIPAA-covered entities must report small data breaches of protected health information (PHI) affecting fewer than 500 individuals to the Office for Civil Rights (OCR) by March 1.  The law allows for 60 days to elapse at the close of a calendar year before that year’s small breaches must be reported to OCR. When the breach […]

Read the rest of this entry »
GoTo top Top

OCR Trebles Its HIPAA Violations Fines in FY 2016

The Office for Civil Rights (OCR) shattered all monetary settlement records for violations of the HIPAA (Health Insurance Portability and Accountability Act) privacy, security and breach rules in the fiscal year ended this past Sept. 30, according to a study by the law firm McDermott Will & Emery. In fiscal 2016, OCR socked companies $25,6 million for HIPAA violations, […]

Read the rest of this entry »
GoTo top Top

$5.5M Settlement Largest Ever for a HIPAA Security Violation

Advocate Health Care Network (Advocate) has agreed to a settlement with the Department of Health and Human Services (HHS), Office for Civil Rights (OCR), for multiple potential violations of the Health Insurance Portability and Accountability Act (HIPAA) involving electronic protected health information (ePHI). Advocate has agreed to pay a settlement amount of $5.55 million and […]

Read the rest of this entry »
GoTo top Top

OCR Notifies 167 Covered Entities That They’re Being HIPAA-Compliant Audited

The Office for Civil Rights (OCR), in charge of enforcing the privacy, security, breach and other HIPAA rules, said yesterday it has notified 167 covered entities that they must submit all papers necessary for a remote “desk audit” within 10 days. “Letters were delivered on Monday, July 11, 2016, via email to 167 health plans, healthcare […]

Read the rest of this entry »
GoTo top Top

First-Ever Business Associate Fine for a HIPAA Violation

Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule after the theft of a CHCS mobile device compromised the protected health information (PHI) of hundreds of nursing home residents, according to the Office for Civil […]

Read the rest of this entry »
GoTo top Top

Reality TV Goes Too Far, Films Dying Patient — Gets Fined $2.2M

This week, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it reached a $2.2 million settlement with New York Presbyterian Hospital (NYP) for the egregious disclosure of two patients’ protected health information (PHI) to film crews and staff during the filming of “NY Med,” an ABC television series, […]

Read the rest of this entry »
GoTo top Top

OCR Begins Phase 2 of HIPAA Audits

As a part of its continued efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the Office for Civil Rights (OCR) has begun its next phase of audits of covered entities and their business associates. In its 2016 Phase 2 HIPAA Audit Program, OCR will  review the policies and procedures adopted […]

Read the rest of this entry »
GoTo top Top