Healthcare Information Security

HIPAA Privacy Rule

Azar Issues 2nd HIPAA Privacy Rule Waiver in As Many Months

October 12, 2018 - As in the case of Hurricane Florence, HHS Secretary Alex Azar has waived sanctions and penalties under certain HIPAA Privacy Rule provisions for areas impacted by Hurricane Michael. The waiver is intended to enable greater information sharing in response to Hurricane Michael, which devasted the Panhandle of Florida and caused significant damage in Georgia. Azar has declared a public...


More Articles

Iowa County Government Employee Alleges HIPAA Violation

by Fred Donovan

An employee of the Iowa’s Mahaska County government alleged that another employee committed a HIPAA violation when she locked a member of the public inside a building where files containing PHI were stored unsecured, the...

Congress Urged To Align 42 CFR Part 2 With HIPAA Privacy Rule

by Fred Donovan

The Partnership to Amend 42 CFR Part 2 is urging Congress to include the Overdose Prevention and Patient Safety Act (HR 6082), which would align 42 CFR Part 2 with the HIPAA Privacy Rule, in compromise opioid legislation that the House and...

Boston Hospitals Cough Up $1M for ‘Boston Trauma’ HIPAA Violations

by Fred Donovan

OCR announced Sept. 20 that it has fined three Boston-area hospitals close to $1 million for HIPAA violations involving the filming of ABC’s TV series “Save My Life: Boston Trauma.”* OCR reached HIPAA settlements with...

Azar Waives HIPAA Privacy Rule Sanctions for Hurricane Response

by Fred Donovan

HHS Secretary Alex Azar has waived sanctions and penalties under certain HIPAA Privacy Rule provisions that apply to hospitals to enable greater sharing of information in response to Hurricane Florence making landfall on the East...

HIPAA Privacy Rule Can Be Tool for Health Information Exchange

by Fred Donovan

Rather than being a barrier to information sharing and interoperability, the HIPAA Privacy Rule can be seen as a tool to facilitate health information exchange and flow across the health ecosystem, argued OCR and ONC in an Aug. 30 blog...

OCR Levies Close to $80M in HIPAA Privacy Rule Fines

by Fred Donovan

OCR has assessed close to $80 million in fines in 55 cases of HIPAA Privacy Rule violations since the rule took effect in April 2003, according to data on the HHS website. OCR has received 184,614 HIPAA complaints and has initiated 902...

HHS Pushes for Changes to HIPAA Privacy Rule, 42 CFR Part 2

by Fred Donovan

In the next few months, HHS plans to issue requests for information (RFIs) about changing the HIPAA Privacy Rule and 42 CFR Part 2 to make it easier for doctors, hospitals, and payers to coordinate in delivering value-based care and...

HATA Says PMS Vendors Want to Remain HIPAA Business Associates

by Fred Donovan

Currently, practice management software (PMS) vendors are considered HIPAA business associates  and therefore subject to the HIPAA Privacy and Security Rules, but not the HIPAA transactions and codes set requirements. The Healthcare...

AHA Urges Consumer Education on HIPAA Privacy Rule and Health Apps

by Fred Donovan

The American Hospital Association (AHA) is calling on the US federal government to develop a consumer education program to make it clear that commercial providers of health apps may not be subject to the HIPAA Privacy...

Judge Dismisses Lawsuit Charging LabCorp with HIPAA Violation

by Fred Donovan

US District Court Judge Rudolph Contreras dismissed a lawsuit by Hope Lee-Thomas accusing LabCorp of a HIPAA violation for not providing adequate privacy protections at its Providence Hospital computer intake station. Lee-Thomas argued in...

Hospital Faxes Records to Wrong Person in Apparent HIPAA Violation

by Fred Donovan

OhioHealth’s Grant Medical Center has been sending faxes with patient information to the wrong person for months in an apparent HIPAA violation, reported ABC6 in Columbus, Ohio, on June 18. The information in the faxes...

House Passes Bill to Align SUD Rules with HIPAA Privacy Rule

by Fred Donovan

By a vote of 357-57, the US House passed the Overdose Prevention and Patient Safety Act (HR 6082) on June 20, which would align privacy protections for substance use disorder (SUD) patients with the HIPAA Privacy Rule. HR 6082 would...

Common Rule’s Final Version Exempts Certain HIPAA Covered Entities

by Fred Donovan

The federal government has issued the final rule for the Federal Policy for the Protection of Human Subjects, known as the Common Rule, that allows, among other things, more secondary research of EHR data by exempting low-risk studies...

WHS Suspends Dozen Employees for Alleged HIPAA Violations

by Fred Donovan

Pennsylvania-based Washington Health System (WHS) has suspended around a dozen employees for alleged HIPAA violations involving inappropriately accessing patient records in a high-profile case, the Observer-Reporter newspaper reported June...

Judge Upholds $4.3M Fines against MD Anderson for HIPAA Violations

by Fred Donovan

An HHS Administrative Law Judge (ALJ) ruled that the University of Texas MD Anderson Cancer Center (MD Anderson) must pay $4.3 million in civil money penalties for HIPAA violations. The judge backed OCR in its proposed determination,...

OCR Guidance Tackles PHI Research Use Under HIPAA Privacy Rule

by Fred Donovan

OCR has issued new guidance on the HIPAA Privacy Rule that explains certain requirements for an authorization to use or disclose PHI for research and clarifies aspects of the individual’s right to revoke an authorization. The...

Did EMS Worker Commit HIPAA Violation With Facebook Post?

by Fred Donovan

Did an emergency medical services (EMS) worker in Roane County, Tennessee, commit a HIPAA violation with a Facebook post that described the peculiar location of an emergency response—a chicken coop? The EMS worker was part of a...

Personal Injury Attorney Ads Could Raise Patient Privacy Issues

by Fred Donovan

In a new trend that could raise patient privacy concerns, personal injury attorneys and marketers are using geofencing technology to deliver targeted advertisements to patients’ mobile phones when they visit emergency rooms or...

Does EHR Patient Access Fall Short of HIPAA Compliance?

by Fred Donovan

Patients and healthcare organizations face numerous challenges when providing EHR patient access for HIPAA compliance, according to a report released May 14 by the Government Accountability Office (GAO). Among the challenges faced by...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...