Website and Other Tracking Code May Violate HIPAA
In July, the independent journalism site, The Markup, discovered one-third of the top 100 hospitals in the [...]
The HIPAA Guide - Celebrating 15 Years Online
HIPAA Regulatory Updates
HHS and SAMHSA Propose Update to Better Align Part 2 Regulations with HIPAA
An update to the 42 CFR Part 2 Confidentiality of Substance Use Disorder (SUD) Patient Records has been [...]
OCR Issues Guidance on HITECH Recognized Security Practices
The HHS’ Office for Civil Rights has issued guidance on Recognized Security Practices, how they must be [...]
NIST Releases Updates HIPAA Security Rule Compliance Guidance
The National Institute of Standards and Technology (NIST) has released the second revision of its HIPAA [...]
OCR Continues Crackdown on HIPAA Right of Access Violations with 11 More Fines
In late 2019, the U.S. Department of Health and Human Services’ Office for Civil Rights announced a new [...]
Oklahoma State University Settles HIPAA Investigation and Pays $875,000 Penalty
An investigation conducted by the HHS’ Office for Civil Rights (OCR) of a hacking incident at Oklahoma [...]
Senators Request HIPAA Privacy Rule Changes to Better Protect Reproductive Health Care Information
Two senators have written to the Secretary of the Department of Health and Human Services asking for changes [...]
OCR Clarifies How HIPAA Applies to Reproductive Health Care Information in Response to SCOTUS Decision
The landmark decision of the Supreme Court in Dobbs vs. Jackson Women’s Health Organization, where the [...]
OCR to Seek Feedback from HIPAA-Regulated Entities on HIPAA Breach Reporting Process
The Government Accountability Office has published the findings of a report that assessed the breach [...]
Post-Pandemic Audio-only Telehealth Services and HIPAA Compliance
In March 2020, the HHS’ Office for Civil Rights (OCR) issued a Telehealth Notification that included a [...]
New Legislation Considered for Improving Medical Device Cybersecurity
A bipartisan bill has been proposed to update the Federal Food, Drug, and Cosmetic Act (FD&C Act) to [...]
Public Comment Requested by OCR on Two Outstanding Requirements of the HITECH Act
The Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act) called for the [...]
OCR Director Says HIPAA-Regulated Entities Need to Improve Their Security Posture in 2022
Lisa J. Pino, Director of the Department of HEalth and Human Services’ (HHS) Office for Civil Rights [...]
Legislation Introduced to Start the Process of Modernizing U.S. Health Data Privacy Laws
The Health Insurance Portability and Accountability Act (HIPAA) is more than 25 years old, and it was more [...]
The Deadline for Reporting Small 2021 Healthcare Data Breaches is Fast Approaching
The Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA) requires [...]
COVID-19 Public Health Emergency Extended for Further 90 Days
On January 27, 2020, the Secretary of the Department of Health and Human Services, Alex Azar, announced a [...]
New Jersey Companies Settle State HIPAA Investigation and Pay $425,000 Penalty
The New Jersey attorney general has been the most active enforcer of compliance with the Health Insurance [...]
5 Healthcare Providers Slapped with Financial Penalties for HIPAA Right of Access Violations
The Department of Health and Human Services’ Office for Civil Rights (OCR) launched an enforcement [...]
States Introduce Laws Covering the Collection, Use, and Sharing of Genetic Data
Most healthcare organizations in the United States are required to comply with the Health Insurance [...]
New Jersey Agrees $130,000 HIPAA Settlement with Two Printing Companies
Two printing/mailing vendors have agreed to settle an investigation by the state of New Jersey that alleged [...]
Study Reveals Healthcare Organizations Are Overexposing Sensitive Data
Limiting access to protected health information (PHI) is one of the fundamental requirements of the Health [...]
$495,000 HIPAA Settlement Reached Between New Jersey and Fertility Clinic
An investigation by the state of New Jersey into a cyberattack on a fertility clinic has uncovered multiple [...]
OCR Issues Advice on HIPAA and Vaccination Disclosures
The introduction of vaccine mandates by employers, especially in healthcare, has raised questions about HIPAA [...]
HHS Appoints New Director of the Office for Civil Rights
Lisa J. Pino, Director, Office for Civil Rights The Department of Health and Human Services has announced a [...]
FTC Confirms Health Apps and Wearable Devices Covered by FTC Health Breach Notification Rule
The HIPAA Breach Notification Rule requires HIPAA-regulated entities to report data breaches and issue [...]
OCR Imposes $80,000 Fine on Nebraska Hospital for HIPAA Right of Action Violation
Children’s Hospital & Medical Center (CHMC) has agreed to settle a HIPAA Right of Access [...]
NIST Seeks Feedback on HIPAA Security Rule Implementation Guidance
In 2008, the National Institute of Standards and Technology (NIST) released guidance for HIPAA-covered [...]
HHS Information Blocking Regulations are Now in Effect
It has been a long time coming, but the information blocking regulations of the Office of the National [...]
Comment Period on Proposed HIPAA Privacy Rule Changes Extended Until May 6, 2021
On December 10, 2020, the Department of Health and Human Services published a Notice of Proposed Rulemaking [...]
HHS Announces Limited Waiver of HIPAA Fines and Sanctions in in Texas Due to Winter Storm
Norris Cochran, the Acting Secretary of the Department of Health and Human Services, has declared a public [...]
HIPAA Enforcement Discretion for Good Faith Use of Online or Web-based Scheduling Applications for COVID-19 Vaccination Appointments
The Office for Civil Rights (OCR) of the Department of Health and Human Services has announced it will be [...]
HHS Announces Largest Ever Financial Penalty for HIPAA Right of Access Failure
The U.S. Department of Health and Human Services has issued its largest ever HIPAA fine for noncompliance [...]
Safe Harbor Introduced for Covered Entities That Adopt Recognized Cybersecurity Best Practices
HIPAA covered entities and their business associates have been provided with a degree of protection against [...]
OCR Announces 13th HIPAA Right of Access Settlement
In 2019, the Department of Health and Human Services’ Office for Civil Rights announced a new HIPAA [...]
OCR Confirms Allowable Disclosures of ePHI to Health Information Exchanges for Public Health Purposes
The HHS’ Office for Civil Rights has issued new guidance to help HIPAA covered entities and their business [...]
2016/2017 HIPAA Compliance Audit Findings Published by HHS’ Office for Civil Rights
The long-awaited report from the Department of Health and Human Services’ Office for Civil Rights on the [...]
HIPAA Privacy Rule Updates Proposed by HHS
They have been a long time coming, but the Department of Health and Human Services has finally revealed a [...]
OCR Settles 5 More HIPAA Right of Access Cases
In 2019, the HHS’ Office for Civil Rights launched an enforcement initiative targeting organizations that [...]
Health Plans Added to June 2020 OCR Plasma Donation Guidance
In June 2020, the U.S Department of Health and Human Services (HHS) issued guidance explaining how HIPAA [...]
House of Representatives Votes to Remove Ban on HHS Funding National Patient Identifier System
For the second successive year, the U.S House of Representatives has voted to remove the ban on the [...]
OCR Issues Warning About Misleading Postcards Sent to Compliance Officers About HIPAA Security Risk Assessments
The Department of Health and Human Services’ Office for Civil Rights has issued an alert about a potential [...]
Lifespan Health System Slapped with $1 Million Fine for Noncompliance with the HIPAA Rules
For the second time in a week, the HHS’ Office for Civil Rights (OCR) has announced a fine has been imposed [...]
HHS Reviews COVID-19 Situation and Extends Public Health Emergency for Further 90 Days
On January 31, 2020, the Secretary of the Department of Health and Human Services declared the outbreaks of [...]
HHS Makes Changes to 42 CFR Part Substance Use Disorder Privacy Provisions
The Department of Health and Human Services Substance Abuse and Mental Health Administration (SAMHSA) has [...]
OCR Issues Guidance on Contacting Former COVID-19 Patients About Blood and Plasma Donations
The Department of Health and Human Services’ Office for Civil Rights has issued new HIPAA guidance to clear [...]
Film Crews Not Permitted in Hospitals Unless HIPAA Authorizations are Obtained from Patients, Warns OCR
Hospitals have been warned that they must not allow film crews into parts of hospitals where there is [...]
HHS Delays Enforcement of Information Sharing and Interoperability Rules
The new interoperability and data sharing rules that were announced by the HHS on March 9, 2020 were due to [...]
HHS Issues Notice of Enforcement Discretion for COVID-19 Community-Based Testing Sites
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a Notice of [...]
OCR Announces Enforcement Discretion for Business Associate Uses and Disclosure of PHI
On April 2, 2020, the Department of Health and Human Services’ Office for Civil Rights (OCR) issued another [...]
COVID-19 and HIPAA Guidance on Disclosures of PHI to First Responders
The HHS’ Office for Civil Rights has issued guidance on COVID-19 and HIPAA about the permitted disclosures [...]
2019 Novel Coronavirus and HIPAA Compliance
Important information on the 2019 Novel Coronavirus and HIPAA compliance, the limited HIPAA waiver announced [...]
HHS Publishes Final Interoperability, Information Blocking, and Data Sharing Rules
The U.S. Department of Health and Human Services has released its final interoperability, information [...]
$100,000 HIPAA Fine Imposed on Physician Practice for Security Rule Violations
A $100,000 HIPAA fine has been imposed on a solo physician practice for HIPAA Security Rule failures [...]
HHS Modifies Pharmacy HIPAA Transaction Requirements for Partially Filled Schedule II Drug Prescriptions
The Department of Health and Human Services (HHS) has issued a final rule modifying the pharmacy HIPAA [...]
Fee Limitations on Requests to Send Patient Records to Third Parties Lifted
Following a ruling in a federal court that went against the U.S. Department of Health and Human Services, the [...]
OCR Makes Inflation Adjustment to HIPAA Civil Monetary Penalties
The Office of the Assistant Secretary for Financial Resources (ASFR), Department of Health and Human [...]
Updated Security Risk Assessment Tool Released to Help Covered Entities with HIPAA Security Rule Compliance
The Department of Health and Human Services’ Office for Civil Rights (OCR) has released an updated version [...]
More Financial Penalties for HIPAA Right of Access Compliance Failures Expected
At the OCR/NIST HIPAA Security Conference in Washington D.C., the Director of the Department of Health and [...]
Senate Stalls on Lifting of Ban on Funding National Patient Identifier System
The Health Insurance Portability and Accountability Act of 1996 called for the Department of Health and Human [...]
HHS Proposes Changes to Ease Restrictions on Part 2 Substance Abuse Disorder Treatment Records
A new rule has been proposed by the Substance Abuse and Mental Health Services Administration (SAMHSA) that [...]
HHS Issues Guidance on Managing Malicious Insider Threats
The Department of Health and Human Services’ Office for Civil Rights has issued guidance for HIPAA-covered [...]
National Association of Attorneys General Urges Congress to Align Part 2 with HIPAA
The National Association of Attorneys General (NAAG) has written to Congress demanding changes be made to [...]
OCR Publishes New HIPAA FAQ for Health Plans on Care Coordination and Continuity of Care PHI Disclosures
New HIPAA guidance for health plans has been published by the Department of Health and Human Services’ [...]
Almost 2 Million Records Exposed in May 2019 Healthcare Data Breaches
It has been another bad month for the U.S. healthcare industry. Rather than April’s record number of [...]
Medical Informatics Engineering Issued with $100,000 HIPAA Violation Penalty
The Department of Health and Human Services’ Office for Civil Rights has announced a settlement has been [...]
OCR Issues New Advice on HIPAA and Software Applications Used by Patients to Access PHI
The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued new advice on HIPAA [...]
HHS Changes Maximum Penalties for HIPAA Violations
The Department of Health and Human Services (HHS) has made changes to the maximum penalties for HIPAA [...]
CMS Starts HIPAA Simplification Rules Audits
The Centers for Medicare and Medicaid Services (CMS) Division of National Standards has recently announced [...]
Deadline Extended for Comments on HHS Health IT and ePHI Interoperability Rules
New rules were published by the Department of Health and Human Services’ Office of the National Coordinator [...]
Stricter Breach Notification Laws Proposed by D.C. Attorney General
Washington D.C. Attorney General Karl A. Racine wants to reinforce data breach notification regulations to [...]
Dental Offices May Be Fined for Slow Release of Copies of Dental Records
The Dental Board of California revealed in a recent report that some dentists in the state are not giving [...]
Biometric Information Privacy Act Proposed by Florida Lawmakers
New bills (SB 1270 /HB 1153) have been proposed by Senator Gary Farmer (D-FL) and Representative Bobby DuBose [...]
New HIPAA Regulations in 2019
Though there were HIPAA updates being considered by OCR in 2018, the pace of change is slow and it could well [...]
New Jersey Assembly Approves Expanded Definition of Personal Information Requiring Breach Notifications
The New Jersey Assembly unanimously approved a bill that broadens the types of personal data that call for [...]
IRS Warns About Tax-Related Phishing Scams
The IRS has launched its 2019 ‘Dirty Dozen’ campaign, which cautions taxpayers about the 12 most commonly [...]
Nevada Senator Introduces New Data Privacy Act
Nevada Senator Catherine Cortex Masto, (D-NV) recently proposed a bill called the Data Privacy Act, which [...]
New Rules on Patient Access and Information Blocking Proposed by ONC and CMS
The HHS’ Office of the National Coordinator for Health Information Technology (ONC) and the Centers for [...]
Wyoming Hospital Records Act of 1991 May be Repealed
Wyoming is contemplating repealing the Hospital Records Act of 1991. The act was created to make sure [...]
Guidance for Medical Device Manufacturers Sharing Data with Patients Issued by FDA
The U.S. Food and Drug Administration (FDA) has released guidelines for medical device manufacturers who [...]
Revised Common Rule Now In Effect
The Federal Policy for the Protection of Human Subjects (45 CFR part 46), also called the Common Rule, has [...]
AMIA and AHIMA Want Adjustments to HIPAA to Improve Accessibility and Portability of Health Information
The American Medical Informatics Association (AMIA) and the American Health Information Management [...]
Greater Alignment of Federal Data Privacy Rules Needed
The American Medical Informatics Association (AMIA) is requesting the Health Insurance Portability and [...]
HHS Plans Request for Information to Discover Issues Hampering Patient Information Sharing and Care Coordination
The HHS has prepared a Request for Information (RFI) to find out how HIPAA Rules are obstructing the sharing [...]
OCR Campaign to Boost Understanding of Civil Rights Protections for Patients Undergoing Opioid Use Disorder Treatment
On October 26, 2017, U.S. President Donald Trump declared that the opioid crisis in the United States was a [...]
Changes in HIPAA Regulations and Enforcement in 2018
What changes in HIPAA regulations could be expected in 2018? Are there new HIPAA regulations expected to be [...]
Limited Waiver of HIPAA Penalties in Florida and Georgia in Aftermath of Hurricane Michael
Alex Azar, secretary of the Department of Health and Human Services (HHS) has waived HIPAA sanctions and [...]
Three Legislation Changes on HIPAA Regulations in 2018 Under Consideration by OCR
Because of the policy of two out for every new regulation, it is likely that there will be few new HIPAA [...]
How is the HITECH Act Related to HIPAA and Electronic Health and Medical Records?
The Health Insurance Portability and Accountability Act (HIPAA) was enacted in August 1996. It was updated in [...]
California Legislature Approves California Consumer Privacy Act Changes
In June 2018, the California Consumer Privacy Act (CCPA) was approved by the California legislature. The Act [...]
OCR Pubishes Guidance on Patient Data Sharing During a Public Health Emergency
Following President Trump’s declaration of a public health emergency in Virginia due to Hurricane [...]
OCR Reminds Healthcare Organizations to Secure Electronic Media and Devices With ePHI
The Department of Health and Human Services’ Office for Civil Rights has reminded HIPAA-covered entities of [...]
HIPAA Violation Cases: 2013 – 2017
This page contains a summary of HIPAA violation cases which led to settlements with the Department of Health [...]
OCR Reminds Healthcare Companies the Proper Disposal of Electronic Devices and Media
The Department of Health and Human Services’ Office for Civil Rights, in the July edition of its [...]
HHS to Release Information for the Proposed Changes on Federal Health Privacy Rules
Alex Azar, Secretary of the Department of Health and Human Services (HHS), explained in an address at The [...]
New Massachusetts Bill Proposes 18 Months Complimentary Credit Monitoring Services for Data Breach Victims
A new bill has been proposed in the state of Massachusetts that aims to enhance protections for customers [...]
Patient Privacy and Security Are Most Important to Consumers According to Aetna Survey
Health insurer Aetna conducted a survey about consumers’ attitudes toward healthcare, their associations [...]
OCR Explains the Importance of Patch Management for HIPAA Compliance
OCR has reminded healthcare organizations of the importance of patch management for HIPAA compliance. Patches [...]
AHA Provides Extensive Feedback on CMS’ Hospital Inpatient Prospective Payment System Proposed Rule
The American Hospital Association (AHA) has submitted extensive comments about the HHS’ Centers for [...]
Common Rule Compliance Date Now January, 19 2019
The federal government published on June 19, 2018 the final rule for the Federal Policy for the Protection of [...]
There’s No Private Cause of Action in HIPAA According to District Court Ruling
Patients who think that there has been a violation of HIPAA Rules can send a complaint to the Department of [...]
New Data Protection Law Signed in Colorado
A new bill – HB 1128 – has been signed into law by Colorado Governor John Hickenlooper which [...]
New Apple Health Records API Allows Developers to Create Apps for Patients and Access EHR Data
Apple has launched an application programming interface (API) that developers can use to create health apps [...]
MGMA Urges CMS to Enforce Compliance with HIPAA Administrative Simplification Rules
The Department of Health and Human Services’ Office for Civil Rights has issued many financial penalties [...]
New Cybersecurity Law Covering the Insurance Industry Signed in South Carolina
South Carolina Governor Henry McMaster signed into law the South Carolina Insurance Data Security Act on May [...]
GAO Reports Patients Still Pay Excessive Fees for Copies of Their Medical Records
The Government Accountability Office (GAO) recently conducted an audit which showed that patients still face [...]
OCR Recommends Risk Analysis And Gap Analysis
OCR published in its April 2018 cybersecurity newsletter the importance of performing a gap analysis. While a [...]
Study Shows Gap Between Healthcare Compliance Programs and Expectations of Regulators
Most healthcare compliance officers prioritize the compliance of their organizations with the HIPAA Privacy [...]
ONC Published a New Patient Guidebook to Encourage Patient Health Record Access
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) [...]
Three Proposed Changes to HIPAA Regulations in 2018
The Trump Administration has introduced a new rule that requires two regulations to be removed for any new [...]
Can Liquid Web Be Used by Healthcare Organizations Without Violating HIPAA Rules?
Liquid Web is a hosting solution provider that has been in the business for 20 years. Is it a HIPAA compliant [...]
Can Healthcare Organizations Use Zoho Without Violating HIPAA Rules?
A Pleasanton, CA-based company has been developing Zoho, a suite of cloud-based tools and applications, since [...]
Warning Against PHI Disclosure on Social Media
Using social media such as Facebook and Twitter can help healthcare organizations in several ways. It helps [...]
New Version of Colorado Data Breach Notification Bill Cuts Reporting to 30 Days
The Colorado data breach notification bill was introduced in January to protect residents against data [...]
Massachusetts Launched a New Online Data Breach Reporting Tool
The Massachusetts Attorney General’s office launched a new online data breach reporting tool. The purpose [...]
Proposed Amendments to the Iowa Breach Notification Act
Iowa Attorney General introduced a new bill that proposes changes to the Iowa Breach Notification Act. Since [...]
South Dakota Data Breach Notification Bill Introduced
There are only two U.S. states that do not have data breach legislation for the protection of their state [...]
Colorado Legislators Propose New Privacy and Data Breach Law
A bipartisan group of legislators in Colorado proposed changing its privacy and data breach notification laws [...]
New Bill Propose Changes to HIPAA Rules for Healthcare Clearinghouses
Congresswoman Cathy McMorris Rodgers (R-Washington) introduced a new bill (H.R 4613) to the U.S. House of [...]
Second Phase of HIPAA Compliance Audits Likely to Penalize the Noncompliant
Healthcare organizations will pay a big amount for noncompliance with HIPAA Rules. Despite the hefty [...]
Launch of OCR ‘s New WebPages Required by the 21st Century Cures Act
OCR is doing its part to deal with the opioid crisis in the United States and fulfill its responsibilities [...]
HHS Issued Partial HIPAA Privacy Rule Waiver for the Third Time in 2017
The U.S. Department of Health and Human Services issued a partial waiver of HIPAA sanctions and penalties for [...]
How Can HIPAA-Covered Entities Lower the Security Risks of Mobile Device Usage?
Healthcare organizations need to address the security risks associated with the use of mobile devices and [...]
Cottage Health To Pay $2 Million For Failure to Protect Patients’ Privacy and PHI
Santa Barbara-based Cottage Health has agreed to pay $2 million as a financial penalty for a breach case with [...]
HIV Status of its Members May Possibly Revealed in Amida Care Breach
The New York based not-for-profit community health plan provider Amida Care has reported a HIPAA breach that [...]
Clinical Worker Receives Five-Year Prison Sentence for Stealing PHI
A clinic employee has failed to get his 5-year jail term reduced. The man stole the protected health [...]
Clarification on HIPAA Rules on Sharing Patient Information on Opioid Overdoses Issued by OCR
The confusion about HIPAA Rules on sharing patient information on opioid overdoses has been clarified by the [...]
Sharing of EHR Passwords is Common: Report
According to the released results of a recent survey, the practice of sharing EHR passwords is commonplace, [...]
What is the HIPAA breach notification rule?
Despite the Health Insurance Portability and Accountability Act of 1996 being one of the most vital pieces of [...]
McGraw leaves Department of Health and Human Services’ Office for Civil Rights (OCR)
Deven McGraw, the Deputy Director for Health Information Privacy at the Department of Health and Human [...]
Is Dropbox HIPAA compliant?
Dropbox is a widely-used file hosting service used by many groups to share files, but is Dropbox HIPAA [...]
HIPAA Compliant Business Associates can be Found Easily Using New Tool
Healthcare groups are only authorized to use business associates that agree to adhere with HIPAA Rules and [...]
How many HIPAA Violations in 2016?
The Department of Health and Human Services’ Office for Civil Rights (OCR) has increased its enforcement [...]
Telemedicine HIPAA requirements
The Telemedicene HIPAA requirements affect any medical sector employee or healthcare organization that [...]
Limited Waiver of HIPAA Sanctions issues by HSS in aftermath of Californian Wildfires
A limited waiver of HIPAA sanctions and penalties was issued by the Secretary of the U.S. Department of [...]
What is HIPAA compliant texting?
The answer to the question “What is HIPAA compliant texting” is generally unclear. Although HIPAA does [...]
What are the HIPAA email compliance requirements?
There has been much debate about HIPAA email compliance requirements since amendments were made to the Health [...]
HIV Status of Amida Care Members Potentially Revealed Due to Mailing Error
Amida Care, the New York not-for-profit community health plan, has announced that it has experienced HIPAA [...]
HIPAA Encryption Requirements
HIPAA encryption requirements have proved a source of much confusion. This is due to the technical safeguards [...]
What are the HIPAA Requirements for Mobile Devices?
Healthcare organizations and other HIPAA-covered entities have embraced mobile technology and are permitting [...]
HHS Withdraws Proposed Certification Rule After Concerns Raised
The United States Department of Health and Human Services (HHS) proposed a new rule for certification of [...]
Why was HIPAA Created?
The Healthcare Insurance Portability and Accountability Act (HIPAA) was signed into law on August 21, 1996 [...]
What are the rules for HIPAA Compliant Telemedicine?
The rule for HIPAA Compliant Telemedicine in call centers is something every company, providing an answering [...]
What are the HIPAA Rules Regarding Text Messaging?
Labeling text messaging as a HIPAA violation is not strictly correct. Whether text messages are a violation [...]
What are the Penalties for HIPAA Violations?
The Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general can [...]
Initiative to Help Small Healthcare Providers with HIPAA Compliance Launched by HITRUST/AMA
A new initiative – that will assist small healthcare providers with HIPAA compliance, cybersecurity and [...]
New Proposals from AHA Aim to Reduce Regulatory Burdens
In a recent correspondence with the House Ways and Means Health Subcommittee, the American Hospital [...]
Hurricane Maria Disaster Zone Has Partial HIPAA Privacy Rule Waiver Imposed
The U.S. Department of Health and Human Services (HHS) has already imposed two partial waivers of HIPAA [...]
How the Compliancy Group Can Help Covered Entities Pass a HIPAA Audit
The second round of HIPAA compliance audits by the Department of Health and Human Services’ Office for [...]
OCR Encourage Patients to Get Copies of Their Health Data
The Department of Health and Human Services’ Office for Civil Rights has introduced a new campaign to [...]
Hospitals Within the Irma Disaster Zone Granted Limited HIPAA Waiver
A public health crisis was declared in some parts of the U.S. Virgin Islands, Florida and Puerto Rico, which [...]
OCR Tells Covered Entities to Prepare for Hurricanes and Other Natural Disasters
Hospitals in the states of Louisiana and Texas needed to make sure medical services are provided through the [...]
A Review of HIPAA Settlement Cases for Big Breaches in 2017
The Director of the Department of Health and Human Services’ Office for Civil Rights (OCR), Roger Severino, [...]
AHA Wrote Congress to Lessen Regulatory Pressure on Hospitals
The American Hospital Association (AHA) sent a letter to the House Ways and Means Health Subcommittee and [...]
HHS Declares in Hurricane Harvey Disaster Zone the Partial Waiver of Sanctions and Penalties for HIPAA Privacy Rule Violations
During emergency situations for example natural disasters, HIPAA Privacy Rule compliance can be a difficult [...]
FTC Published the Basics of Preventing Data Breaches
Next generation firewalls, intrusion detection systems, insider threat control solutions as well as data [...]
HIPAA-Covered Entities Violate the Breach Notification Rule When Delaying Breach Notifications
Under the HIPAA Breach Notification Rule (45 CFR §§ 164.400-414), covered entities need to notify the [...]
Protenus’ Insight on 2017 Breach Barometer Mid-Year Report
Protenus, together with Databreaches.net, made its Breach Barometer mid-year report. It discusses all [...]
HHS’ Final Rule on Confidentiality of Alcohol and Drug Abuse Patient Records Regulations
In February 2016, the Department of Health and Human Services proposed changes to the Confidentiality of [...]
Recent HIPAA Changes
The recent changes in HIPAA expand the scope of the Health Insurance Portability and Accountability Act as [...]
Certificates of Creditable Coverage Not Needed Any More Under HIPAA
Health plan providers and insurers have required Certificates of Creditable Coverage under the Health [...]
Copyright © 2007-2023 The HIPAA Guide Site Map Privacy Policy About The HIPAA Guide