Healthcare Information Security

Patient Privacy Rights

House Debates Bill to Align SUD Rules with HIPAA Privacy Rule

May 9, 2018 - Supporters and opponents of a bill that would align privacy protections for substance use disorder (SUD) patients with the HIPAA Privacy Rule faced off during a May 8 hearing of the House Energy and Commerce Committee’s health subcommittee. The Overdose Prevention and Patient Safety Act (HR 3545) would amend 42 CFR Part 2, which is intended to protect the confidentiality of people who...


More Articles

Senate Bill Has Version of Jessie’s Law, Not Aligned with HIPAA Privacy Rule

by Fred Donovan

The Senate Health, Education, Labor and Pensions Committee this week passed the Opioid Crisis Response Act of 2018 (S 2680) with a broad range of measures to combat the opioid epidemic, including a version of Jessie’s Law that allows for...

Health Data Privacy Rears Its Head at Facebook Hearing

by Fred Donovan

During Congressional hearings last week, Rep. Marsha Blackburn (R-Tenn.) called on Facebook Chairman and CEO Mark Zuckerberg to support her bill, Balancing the Rights of Web Surfers Equally and Responsibly (BROWSER) Act, which would require companies...

Patient Privacy Protections Extended to EOB in Massachusetts

by Fred Donovan

Patient privacy protections have been extended to cover explanation of benefits (EOB) summaries sent out by health insurers, under a Massachusetts bill signed in to law by Governor Charlie Baker (R) earlier this month. Sensitive health information...

Data Privacy Rights Hinder Effective Treatment, Warns AHA

by Fred Donovan

The American Hospital Association (AHA) is pushing for passage of HR 3545, the Overdose Prevention and Patient Safety Act, which would curb data privacy rights under 42 Code of Federal Regulations (CFR) Part 2 that prevent healthcare providers...

How EU Data Privacy Rule Could Impact US Healthcare Providers

by Fred Donovan

US healthcare organizations that handle personal information of EU individuals will face stricter regulatory requirements and possibly hefty fines under the EU’s new data privacy rule set to take effect May 25, 2018. The General Data Protection...

25% of Patients Did Not Access Data Over Patient Privacy Concerns

by Fred Donovan

The HIPAA Privacy Rule guarantees patient data access as well as patient privacy.   While both guarantees are important, they can sometimes be at odds. The goal of HHS under the HIPAA Privacy Rule is to ensure patient privacy is protected,...

Federal Lawsuit Filed Following Alleged CVS Health Data Breach

by Elizabeth Snell

Three plaintiffs filed a federal lawsuit on March 21, 2018, claiming that a CVS Health data breach exposed the PHI of over 6,000 individuals, including revealing the HIV status of the individuals.  CVS Health, Caremark LLC (a subsidiary...

AHIMA Continues Push for Balance in Patient Data Access, Security

by Elizabeth Snell

Healthcare professionals should have access to their patients’ entire medical history, but patient data access and data security measures must also be considered, AHIMA members said in meetings with Congress today. Access to substance abuse...

How the FTC Act, HIPAA Privacy Rule Impact Healthcare Orgs

by Elizabeth Snell

Collecting and sharing consumer health information is fairly standard practice for covered entities and their business associates. Organizations must ensure that they remain in compliance with the HIPAA Privacy Rule throughout that entire process,...

OCR Reiterates HIPAA Guidance for Opioid Crisis Response

by Elizabeth Snell

OCR recently discussed its current tools and initiatives in place to help organizations face the opioid crisis, touching on HIPAA guidance and how the agency is implementing the 21st Century Cures Act. OCR launched two new webpages focused on...

DE Data Breach Notification Law Includes Medical Information

by Elizabeth Snell

Delaware Governor John Carney signed a bill last week to update the state’s data breach notification requirements. As part of extending cybersecurity protections, the law accounts for medical information being compromised in data breaches....

Patient Privacy Included in Recent Opioid Records Senate Bill

by Elizabeth Snell

Recently passed legislation states that HHS will establish guidelines for when healthcare providers should prominently display a patient’s history of opioid use on his or her medical record. The bill also underlines the importance of maintaining...

CA Supreme Court Rejects Physician Patient Privacy Claim

by Elizabeth Snell

A California physician’s claim that the state medical board committed patient privacy violations when it obtained an individual’s prescription records without a warrant was recently rejected by the California Supreme Court. The medical...

Updated Google Policy May Affect Patient Data Security

by Elizabeth Snell

Google recently updated its privacy policy, which could have a positive effect on patient data security. As of last week, Google began removing private medical records from its search results. The Google “Removal Policies” page now...

Plaintiff Dismisses MDLive Patient Data Privacy Lawsuit

by Elizabeth Snell

The plaintiff in a patient data privacy lawsuit filed against MDLive, Inc. voluntarily dismissed the suit on June 2, 2017, according to a press release. Joan Richards had filed the class-action lawsuit, claiming that an MDLive app asked individuals...

ONC Privacy Policy Snapshot Challenge Winners Selected

by Elizabeth Snell

The ONC announced the winners of its Privacy Policy Snapshot Challenge, showing how Model Privacy Notice (MPN) generators can help consumers better understand a specific product’s privacy and security policies. Principal Deputy National...

Calif. Patient Privacy Case Reaches State Supreme Court

by Elizabeth Snell

Oral arguments in a patient privacy case were presented to the California Supreme Court earlier this week, claiming that controlled substance prescription data collected and submitted to the state justice department should remain protected. In...

MDLive Lawsuit Claims Patient Data Privacy Violations

by Elizabeth Snell

Allegations were recently filed against a telehealth provider, claiming that the company committed patient privacy violations and disclosed customer information to a third-party organization. MDLive, Inc. is facing a class-action lawsuit filed...

Do Healthcare Data Breach Lawsuits Have Reasonable Standards?

by Elizabeth Snell

Being able to prove fault in a healthcare data breach class action lawsuit is inherently difficult, but it is also important to understand the privacy expectations, according to a recent Corporate Clients Insight blog post. Data breach cases...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks