HHS Overhaul of HIPAA: Summary of New Obligations for Covered Entities and Business Associates

January 24, 2013

On January 17, 2013, the Department of Health and Human Services (HHS) posted Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules [PDF] (the Final Rule) under the authority of the HITECH Act and the Genetic Information Nondiscrimination Act (GINA), as well as under the general authority of HHS. The Final Rule, scheduled (...) [Read More]

Categories: HIPAA, HIPAA Business Assoicate, HIPAA Privacy Rule, HIPAA Security Rule, HITECH, HITECH Breaches Comments (1)
Tags: , ,

New HIPAA Rule Released Today

January 17, 2013

The new HIPAA/HITECH rule in an unpublished version was released today and can be found at www.federalregister.gov/articles/2013/01/25/2013-01073/modifications-to-the-hipaa-privacy-security-enforcement-and-breach-notification-rules. Ober’s analysis to come shortly.

Categories: HIPAA Comments (0)
Tags: , ,

First HIPAA Breach Settlment with Less than 500 Patients

January 2, 2013

Today, HHS announced that it entered into the first breach settlement for less than 500 patients.  HHS settled for $50,000 with Hospice of North Idaho for violations of the HIPAA Security Rule including a failure to maintain security policies and procedures and maintain secure mobile devices.  In June 2010, an unencrypted Hospice of North Idaho laptop was stolen (...) [Read More]

Categories: HIPAA, HIPAA Security Rule, mHealth Comments (0)
Tags: , , ,

It’s Coming: The HIPAA/HITECH Rule – What to Expect and What to Do Now

June 5, 2012

On March 24, 2012, the Department of Health and Human Services (HHS) sent the much-anticipated rule implementing the HITECH Act changes to HIPAA (HITECH Rule) to the Office of Management and Budget (OMB). This starts the clock running on the 90-day period allowed for OMB review. It is expected that, given the scope of the (...) [Read More]

Categories: HIPAA Business Assoicate, HIPAA Privacy Rule, HIPAA Security Rule, HITECH Comments (6)
Tags: , , , , ,

OCR Settles HIPAA Violations with Small Physician Practice

April 24, 2012

On the heels of its $1.5 million settlement with a large payor, Blue Cross Blue Shield of Tennessee, the Department of Health and Human Services Office for Civil Rights (OCR) announced on April 17, 2012, that it settled with a small physician practice for HIPAA safeguard violations. Phoenix Cardiac Surgery, P.C., a practice owned by (...) [Read More]

Categories: HIPAA, HIPAA Security Rule Comments (2)
Tags: , ,

Why You Need to Worry AGAIN about HIPAA: Seven Practical Tips

July 19, 2011

In this age of information overload, it is no wonder that privacy incidents are on the minds of regulators, the media and patients. Electronic information in all forms comes at us faster and faster, leaving the recipient without much time to discern among appropriate privacy levels. The increased use of social media and the reality (...) [Read More]

Categories: HIPAA, HIPAA Audits, HIPAA Privacy Rule, HIPAA Security Rule Comments (0)
Tags: , , , , ,