OCR Highlights HIPAA Security Rule Incident Response Procedures
The HHS Office for Civil Rights (OCR) utilized its October newsletter to remind covered entities of their incident response obligations under the HIPAA Security Rule. The newsletter provided a...Doctor Pleads Guilty to HIPAA Violation, Wrongful Disclosure of PHI
Former physician Frank Alario, 65, admitted to a HIPAA violation in which he conspired to wrongfully disclose patients’ protected health information (PHI) to a pharmaceutical sales...OCR Settles Three HIPAA Right of Access Cases With Dental Practices
The HHS Office for Civil Rights (OCR) resolved three HIPAA right of access cases with three dental practices. The resolutions bring OCR’s total number of cases to 41 since it launched the HIPAA...Senators Once Again Ask HHS to Update HIPAA, Citing Patient Privacy Concerns
Spearheaded by US Senator Patty Murray (D-WA), a group of 30 Senators urged HHS and the Biden Administration to strengthen HIPAA protections in order to further safeguard patient privacy in the wake of...OCR Settles Improper PHI Disposal Case, Resolves Potential HIPAA Violation
The HHS Office for Civil Rights (OCR) settled a case with New England Dermatology and Laser Center (NEDLC) to resolve a potential HIPAA violation involving improper protected health information (PHI)...OCR Settles 11 HIPAA Right of Access Cases
The HHS Office for Civil Rights (OCR) announced 11 HIPAA Right of Access resolutions. OCR created the HIPAA Right of Access Initiative in 2019 to support patients' right to timely and...Oklahoma State University Agrees to $875K OCR Data Breach Settlement
Oklahoma State University – Center for Health Sciences (OSU-CHS) agreed to pay the HHS Office for Civil Rights (OCR) $875,000 in a data breach settlement. OSU-CHS also agreed to implement a...Abortion Restrictions Clash With HIPAA, Patient Privacy Protections
HIPAA clashes with patient privacy and health data protections relating to newly imposed abortion restrictions in several major ways, experts suggested in a recent JAMA Health Forum article. The...Senators Ask HHS to Update HIPAA Privacy Rule, Defend Reproductive Rights
US Senators Michael Bennet (D-CO) and Catherine Cortez Masto (D-NV) asked HHS to consider updating the HIPAA Privacy Rule to better defend reproductive rights in a recent letter. The Supreme...GAO Calls on HHS to Improve Healthcare Data Breach Reporting Process
In its latest report, the US Government Accountability Office (GAO) called on HHS to improve the healthcare data breach reporting process. Specifically, GAO urged HHS to create a mechanism for entities...ONC, OCR Release Updated Version of HHS Security Risk Assessment (SRA) Tool
The Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) released version 3.3 of the HHS Security Risk Assessment (SRA) Tool. ONC and OCR...OCR to Release Video on HITECH Recognized Security Practices
The HHS Office for Civil Rights (OCR) announced plans to produce a pre-recorded video presentation on the Health Information Technology for Economic and Clinical Health Act (HITECH) recognized security...Common HIPAA Administrative Safeguards Under The HIPAA Security Rule
Under the HIPAA Security Rule, covered entities must implement physical, technical, and administrative safeguards to safeguard electronic protected health information (ePHI). These safeguards help...CHI, MGMA Respond to OCR’s RFI On Recognized Security Practices Under HITECH
The Connected Health Initiative (CHI) and the Medical Group Management Association (MGMA) both responded to the HHS Office for Civil Rights’ (OCR) request for information (RFI) surrounding...Common HIPAA Physical Safeguards Under The HIPAA Security Rule
HIPAA physical safeguards are an essential aspect to any covered entity’s PHI security, but could easily be overlooked. Technical safeguards and administrative safeguards could easily be pushed to...OCR Seeks Public Input on Penalties, Security Measures Under HITECH
HHS’ Office for Civil Rights (OCR) issued a request for information (RFI) seeking feedback on two requirements under the Health Information Technology for Economic and Clinical Health Act...OCR Announces Four HIPAA Enforcement Actions
The HHS Office for Civil Rights (OCR) announced four HIPAA enforcement actions to hold healthcare providers accountable for potential HIPAA violations. Two of the actions stemmed from OCR’s HIPAA...EHNAC, HITRUST Partner to Promote Security, Privacy Standards
The Electronic Healthcare Network Accreditation Commission (EHNAC) and HITRUST announced a partnership to enhance security and privacy requirements under the Trusted Network Accreditation Program...Sponsored by SecureLink
