Archive for the ‘OCR’ Category

Medical Informatics Engineering Inc. (MIE) has agreed to pay $900,000 to 16 states whose attorneys general had sued the company over a data breach in violation of the Health Insurance Portability and Accountability Act (HIPAA). Simultaneously, MIE settled with the Department of Health and Human Services (HHS) for $100,000 and committed to a two-year corrective […]

The Affordable Care Act (ACA, or Obamacare) contains language prohibiting discrimination in health care based on sex, which was expanded under a 2016 rule by the Obama-era Department of Health and Human Services (HHS) to include gender identity. Now the Trump HHS has proposed reversing that rule and confining ACA anti-discrimination protections to only the […]

The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) has concluded an all-time record year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. In 2018, OCR settled 10 cases and was granted summary judgment in a case before an Administrative Law Judge, together totaling $28.7 million from […]

As a result of a single data breach of protected health information (PHI), albeit one affecting 79 million consumers, Anthem Inc. is now being fined $16 million by the government and owes an additional $115 million to those affected, who won a class action lawsuit that was approved by a judge this past August. The […]

Following comments made in March by Roger Severino, director of the Office for Civil Rights (OCR), the Department of Health and Human Services (HHS) recently published two Notices of Proposed Rulemaking (NPRMs), seeking comments on revising the disclosure rule covering protected health information (PHI) and on sharing HIPAA Privacy Rule violation fines with victims of […]

Roger Severino, director of the Office for Civil Rights (OCR) with enforcement powers over the HIPAA Privacy Rule and breaches of protected health information (PHI), announced he is looking to make some changes to both and will issue Notices of Proposed Rulemaking (NPRMs) and Requests for Information (RFIs) before proceeding. Specifically, he told a HIPAA […]

A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $100,000 out of the receivership estate to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Filefax, located in Northbrook, […]

Fresenius Medical Care North America (FMCNA), which operates health care facilities throughout the nation, has settled for $3.5 million for a series of five breaches it reported in 2012. This was the first settlement of the year announced by the Office for Civil Rights (OCR), which enforces HIPAA breach violations. Headquartered in Waltham, Mass., FMCNA is […]

The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS) in January published a newsletter concerning cyber threats to entities storing PHI (protected health information), which is covered by the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA). The newsletter begins by nothing that “Organizations […]

Following President Trump’s call to action that led to the declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights (OCR) is releasing new guidance on when and how healthcare providers can share a patient’s health information with his or her family members, friends, and legal personal representatives […]