The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) has concluded an all-time record year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. In 2018, OCR settled 10 cases and was granted summary judgment in a case before an Administrative Law Judge, together totaling $28.7 million from […]
Read the rest of this entry »As a result of a single data breach of protected health information (PHI), albeit one affecting 79 million consumers, Anthem Inc. is now being fined $16 million by the government and owes an additional $115 million to those affected, who won a class action lawsuit that was approved by a judge this past August. The […]
Read the rest of this entry »Following comments made in March by Roger Severino, director of the Office for Civil Rights (OCR), the Department of Health and Human Services (HHS) recently published two Notices of Proposed Rulemaking (NPRMs), seeking comments on revising the disclosure rule covering protected health information (PHI) and on sharing HIPAA Privacy Rule violation fines with victims of […]
Read the rest of this entry »Roger Severino, director of the Office for Civil Rights (OCR) with enforcement powers over the HIPAA Privacy Rule and breaches of protected health information (PHI), announced he is looking to make some changes to both and will issue Notices of Proposed Rulemaking (NPRMs) and Requests for Information (RFIs) before proceeding. Specifically, he told a HIPAA […]
Read the rest of this entry »A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $100,000 out of the receivership estate to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Filefax, located in Northbrook, […]
Read the rest of this entry »Fresenius Medical Care North America (FMCNA), which operates health care facilities throughout the nation, has settled for $3.5 million for a series of five breaches it reported in 2012. This was the first settlement of the year announced by the Office for Civil Rights (OCR), which enforces HIPAA breach violations. Headquartered in Waltham, Mass., FMCNA is […]
Read the rest of this entry »The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS) in January published a newsletter concerning cyber threats to entities storing PHI (protected health information), which is covered by the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA). The newsletter begins by nothing that “Organizations […]
Read the rest of this entry »Following President Trump’s call to action that led to the declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights (OCR) is releasing new guidance on when and how healthcare providers can share a patient’s health information with his or her family members, friends, and legal personal representatives […]
Read the rest of this entry »The Department of Health and Human Services (HHS) and its Office for Civil Rights (OCR) have launched a revised web tool that puts important information into the hands of individuals, empowering them to better identify recent breaches of health information and to learn how all breaches of health information are investigated and successfully resolved. The […]
Read the rest of this entry »The Office for Civil Rights (OCR), the entity within the Department of Health and Human Services (HHS) that enforces the Privacy, Security and Breach rules of HIPAA, has released new guidance advising covered entities and business associates on best practices for preventing and reporting cyber attacks. “Reporting and Monitoring Cyber Threats” advises companies that maintain […]
Read the rest of this entry »