July Worst Month Ever for Medical Data Breaches

July was n historic month when it comes to breaches of health care data involving incidents affecting 500 or more persons, with a total of more than 50 such breaches reported to the Office for Civil Rights (OCR) affecting more than 35 million individuals. According to HIPAA Journal, the “main reason for the increase in […]

Read the rest of this entry »
GoTo top Top

First HIPAA Lawsuit by State Attorneys General Settled

Medical Informatics Engineering Inc. (MIE) has agreed to pay $900,000 to 16 states whose attorneys general had sued the company over a data breach in violation of the Health Insurance Portability and Accountability Act (HIPAA). Simultaneously, MIE settled with the Department of Health and Human Services (HHS) for $100,000 and committed to a two-year corrective […]

Read the rest of this entry »
GoTo top Top

HHS Proposes to Reverse Transgender Protections under Obamacare

The Affordable Care Act (ACA, or Obamacare) contains language prohibiting discrimination in health care based on sex, which was expanded under a 2016 rule by the Obama-era Department of Health and Human Services (HHS) to include gender identity. Now the Trump HHS has proposed reversing that rule and confining ACA anti-discrimination protections to only the […]

Read the rest of this entry »
GoTo top Top

Cottage Health Settlement Caps Record Year for HIPAA Enforcement

The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) has concluded an all-time record year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. In 2018, OCR settled 10 cases and was granted summary judgment in a case before an Administrative Law Judge, together totaling $28.7 million from […]

Read the rest of this entry »
GoTo top Top

Anthem On the Hook for $16M to U.S., $115M to Consumers

As a result of a single data breach of protected health information (PHI), albeit one affecting 79 million consumers, Anthem Inc. is now being fined $16 million by the government and owes an additional $115 million to those affected, who won a class action lawsuit that was approved by a judge this past August. The […]

Read the rest of this entry »
GoTo top Top

HHS Seeks to Modify Disclosure Rule, Establish Means to Share HIPAA Fines with Victims

Following comments made in March by Roger Severino, director of the Office for Civil Rights (OCR), the Department of Health and Human Services (HHS) recently published two Notices of Proposed Rulemaking (NPRMs), seeking comments on revising the disclosure rule covering protected health information (PHI) and on sharing HIPAA Privacy Rule violation fines with victims of […]

Read the rest of this entry »
GoTo top Top

OCR Chief to Seek Changes to HIPAA Privacy Rule and Breach Enforcement

Roger Severino, director of the Office for Civil Rights (OCR) with enforcement powers over the HIPAA Privacy Rule and breaches of protected health information (PHI), announced he is looking to make some changes to both and will issue Notices of Proposed Rulemaking (NPRMs) and Requests for Information (RFIs) before proceeding. Specifically, he told a HIPAA […]

Read the rest of this entry »
GoTo top Top

HIPAA Violations Don’t End with the Closing of a Business, OCR Says

A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $100,000 out of the receivership estate to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Filefax, located in Northbrook, […]

Read the rest of this entry »
GoTo top Top

Firm Settles for $3.5 Million for 5 HIPAA Breaches

Fresenius Medical Care North America (FMCNA), which operates health care facilities throughout the nation, has settled for $3.5 million for a series of five breaches it reported in 2012. This was the first settlement of the year announced by the Office for Civil Rights (OCR), which enforces HIPAA breach violations. Headquartered in Waltham, Mass., FMCNA is […]

Read the rest of this entry »
GoTo top Top

OCR Issues Newsletter Warning about Cyber Threats to PHI

The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS) in January published a newsletter concerning cyber threats to entities storing PHI (protected health information), which is covered by the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA). The newsletter begins by nothing that “Organizations […]

Read the rest of this entry »
GoTo top Top