HIPAA

3 ways to prepare for impending HIPAA Security Rule updates

March 13, 2024 - In the decades since the HIPAA Security Rule was enacted, it has remained a crucial tool to covered entities and business associates as they navigate the multitude of cybersecurity risks that trouble the healthcare sector. HIPAA’s flexible and scalable nature allows covered entities to implement the technical, physical, and administrative safeguards that are reasonable for each...


More Articles

HHS Delivers Reports to Congress on HIPAA Compliance, Enforcement

by Jill McKeon

The HHS Office for Civil Rights (OCR) delivered two reports to Congress on HIPAA compliance and enforcement efforts logged by the department during the 2022 calendar year. HHS is required to...

HHS Settles Ransomware Investigation With Behavioral Health Provider

by Jill McKeon

Green Ridge Behavioral Health agreed to pay $40,000 and implement corrective actions to resolve a ransomware investigation conducted by the HHS Office for Civil Rights (OCR). This marks the second-ever...

HHS Finalizes Changes to Substance Use Confidentiality Regulations

by Jill McKeon

HHS, via the Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), announced its finalized changes to the Confidentiality of Substance Use...

OCR Reaches $4.75M Settlement With NY Health System

by Jill McKeon

UPDATE 2/7/2024 - This article has been updated to include a statement from a Montefiore Medical Center spokesperson. The HHS Office for Civil Rights (OCR) announced a $4.75 million settlement with...

OCR Settles Multiple HIPAA Right of Access Complaints With Optum Medical Care

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced its 46th enforcement action under the HIPAA Right of Access Initiative. The enforcement action resolved an investigation into Optum Medical Care, a...

HHS Settles HIPAA Investigation With St. Joseph’s Over PHI Disclosure to Media

by Jill McKeon

The HHS Office for Civil Rights (OCR) completed a HIPAA investigation into New York-based Saint Joseph’s Medical Center following claims that the organization had impermissibly disclosed COVID-19...

Understanding the Nuances of the Healthcare Cybersecurity Regulatory Landscape

by Jill McKeon

Considering the complexity and magnitude of cyber threats facing the healthcare sector today, it stands to reason that the regulations that aim to protect patients and organizations from these threats must be equally intricate. These...

AHA: OCR Tracking Technology Rule Violates HIPAA Regulations

by Victoria Bailey

The American Hospital Association (AHA) has urged Congress and the HHS Office for Civil Rights (OCR) to withdraw the rule related to online tracking technologies, arguing that it violates HIPAA...

Indiana AG Sues IU Health For Violating Patient Privacy of 10-Year-Old Rape Victim

by Jill McKeon

Indiana Attorney General Todd Rokita filed a lawsuit against the University of Indiana Health (IU Health) and IU Healthcare Associates over their alleged failure to safeguard patient privacy and abide...

Senator Seeks Stakeholder Feedback on Improving Health Data Privacy

by Jill McKeon

Healthcare stakeholders have an opportunity to provide feedback to the Senate on improving health data privacy in the US, thanks to a request from US Senator Bill Cassidy (R-LA), a ranking member of...

OCR Reaches $1.3M Settlement With LA Care Over Potential HIPAA Violations

by Jill McKeon

LA Care, a Los Angeles-based health plan, agreed to a $1.3 million settlement and corrective action plan (CAP) to resolve potential HIPAA violations uncovered during two HHS Office for Civil Rights...

UnitedHealthcare Resolves HIPAA Right of Access Case With $80K Settlement

by Jill McKeon

The HHS Office for Civil Rights (OCR) reached a settlement with UnitedHealthcare Insurance Company (UHIC) to resolve potential HIPAA right of access violations. UHIC, a health insurer that provides...

Lawmakers Ask HHS to Expand Proposed HIPAA Rule, Require Warrant For PHI

by Jill McKeon

Spearheaded by United States Senators Ron Wyden (D-OR) and Patty Murray (D-WA), and US Representative Sara Jacobs (D-CA), lawmakers sent a letter to HHS Secretary Xavier Beccera urging the...

OCR Reinforces Importance of Multi-Factor Authentication in Healthcare

by Jill McKeon

Strong authentication practices can help healthcare organizations mitigate breach risk and maintain compliance, the HHS Office for Civil Rights (OCR) reminded covered entities in its June 2023...

HHS Settles HIPAA Investigation With Healthcare Business Associate

by Jill McKeon

The HHS Office for Civil Rights (OCR) settled a HIPAA investigation involving iHealth Solutions (also known as Advantum Health), a healthcare business associate that provides coding, billing, and IT...

Senators Seek Answers From Amazon Over Collection of Patient Data

by Jill McKeon

Senators Peter Welch (D-VT) and Elizabeth Warren (D-MA) sent a letter to Amazon President and CEO Andy Jassy expressing concern over the privacy practices of Amazon Clinic, the...

24 Attorneys General Express Support For Bolstering Reproductive Care HIPAA Protections

by Jill McKeon

The Biden Administration recently proposed amendments to HIPAA that aim to protect patients and providers from prosecution in relation to the provision of reproductive healthcare. In response to the...

Medical Record Snooping Case Leads to $240K HIPAA Settlement

by Jill McKeon

The HHS Office for Civil Rights (OCR) reached a HIPAA settlement with Yakima Valley Memorial Hospital to resolve a medical record snooping case involving 23 security guards. Yakima Valley Memorial...

HHS Reaches Settlement With NJ Provider Over Potential HIPAA Privacy Rule Violations

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced a settlement with Manasa Health Center, a psychiatry provider in New Jersey, over a potential HIPAA Privacy Rule violation. According to an April 2020...