HIPAA

HHS Reaches Settlement With NJ Provider Over Potential HIPAA Privacy Rule Violations

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced a settlement with Manasa Health Center, a psychiatry provider in New Jersey, over a potential HIPAA Privacy Rule violation. According to an April 2020...

Arizona Man Pleads Guilty to Criminal HIPAA Violation

by Jill McKeon

United States District Court Senior Judge James T. Moody sentenced Rico Prunty, a 41-year-old resident of Sierra Vista, Arizona, to 54 months in prison for a criminal HIPAA violation. Prunty pleaded...

AHA Urges OCR to Suspend or Amend Online Tracking Guidance

by Jill McKeon

The American Hospital Association (AHA) urged the HHS Office for Civil Rights (OCR) to reconsider its December 2022 Online Tracking Guidance, suggesting that its definition of protected health...

OCR Settles HIPAA Investigation With Revenue Cycle Management Company

by Jill McKeon

The HHS Office for Civil Rights (OCR) settled a HIPAA investigation with MedEvolve, an Arkansas-based business associate that provides revenue cycle management, practice management, and practice...

OCR Resolves HIPAA Right of Access Case With Pennsylvania Therapist

by Jill McKeon

The HHS Office for Civil Rights (OCR) settled a potential HIPAA right of access violation with Pittsburgh, Pennsylvania-based licensed counselor David Mente, MA, LPC. The psychotherapy provider must...

Ex-Methodist Staff Plead Guilty to Illegal PHI Exposure in HIPAA Violation Case

by Sarai Rodriguez

Six individuals, including five former Methodist Hospital employees, face sentencing for HIPAA violations after pleading guilty to the unauthorized disclosure of personal health information (PHI)...

Pandemic-Era Telehealth Rules Set to Expire in May, Shifting HIPAA Compliance Obligations

by Jill McKeon

The COVID-19 public health emergency (PHE) is set to end on May 11, marking the expiration of many pandemic-era support programs and lighter compliance obligations. As such, the HHS Office for Civil...

NY Law Firm Pays $200K Over Healthcare Data Security Failures

by Jill McKeon

The office of New York Attorney General Letitia James announced a $200,000 settlement with law firm Heidell, Pittoni, Murphy, & Bach LLP (HPMB) for failing to implement proper healthcare data...

HHS Requests $78M in Funding For OCR in Next Fiscal Year

by Jill McKeon

HHS requested $78 million in funding for its Office for Civil Rights (OCR) for FY 2024, signifying a $38 million increase from last year’s budget. The requested budget increase follows HHS’...

Oregon Health System Uncovers 9-Year HIPAA Violation by Physician

by Sarai Rodriguez

Asante, an Oregon-based health system, has informed patients about a HIPAA violation caused by a physician who compromised protected health information (PHI) without a valid clinical need. For nearly...

HHS Restructures OCR to Better Handle Increased HIPAA Complaint Volume

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced new restructuring efforts, including the formation of three new divisions, in order to better manage its increased volume of HIPAA and HITECH complaints...

HHS Delivers 2 Reports to Congress On Healthcare Data Breaches, HIPAA Compliance

by Jill McKeon

The HHS Office for Civil Rights (OCR) delivered two reports to Congress that shed light on healthcare data breaches and HIPAA compliance efforts logged during the 2021 calendar year. The reports...

Senators Introduce Bill to Bolster HIPAA Protections For Patients Seeking Reproductive Healthcare

by Jill McKeon

US Senators Michael Bennet (D-CO) and Mazie Hirono (D-HI) introduced the Secure Access for Essential Reproductive (SAFER) Health Act, which offers strengthened HIPAA protections that would prohibit...

How to Properly Dispose of Electronic PHI Under HIPAA

by Jill McKeon

Improper disposal of protected health information (PHI), whether a paper record or a digital file, can result in HIPAA violations and significant fees. For example, in 2020, the New Jersey Division of Consumer Affairs and the New Jersey...

How to Properly Dispose of Paper Medical Records, Physical PHI Under HIPAA

by Jill McKeon

Improper disposal of protected health information (PHI) can result in HIPAA violations, Office for Civil Rights (OCR) investigations, and hefty fines. For example, in August 2022, OCR settled a case with a Massachusetts-based dermatology...

OCR Settles Potential HIPAA Violation After Dental Practice Discloses PHI on Yelp

by Jill McKeon

The HHS Office for Civil Rights (OCR) reached a settlement with California-based New Vision Dental (NVD), over a potential HIPAA violation. The practice paid OCR $23,000 and agreed to implement a...

FTC, HHS Update Mobile Health App Data Privacy Compliance Tool

by Jill McKeon

The Federal Trade Commission (FTC) and HHS updated their Mobile Health App Interactive Tool, designed to help mobile health app developers understand which data privacy laws apply to their apps. The...

AHA Shares Recommendations Regarding Cybersecurity Policy Proposals

by Sarai Rodriguez

Hospitals and healthcare systems have implemented the necessary steps to protect patients and defend their networks from cyberattacks, but they need future support through cybersecurity policies to...

OCR Outlines Proper Use of Tracking Tech to Maintain HIPAA Compliance

by Jill McKeon

Following reports that patient data was transmitted to Facebook through the use of tracking technology on hospital websites and within password-protected patient portals, the HHS Office for Civil...

HHS Proposes New Rule to Align 42 CFR Part 2 With HIPAA

by Jill McKeon

In a new Notice of Proposed Rulemaking (NPRM), the HHS Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA) proposed updates to the Confidentiality...