Showing 6 posts in HIPAA.
HIPAA Compliance Considerations During the Pandemic
This article has been updated with new information since it was originally published on November 16, 2020.
As health care providers continue to face new challenges relating to the COVID-19 pandemic, it is important for providers to maintain compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Although the Department of Health and Human Services Office for Civil Rights (“OCR”) has loosened some requirements to allow health care providers flexibility during the COVID-19 pandemic, a majority of the patient protections under the HIPAA Privacy Rule have remained intact. Read More ›
Categories: Compliance, Cybersecurity, Electronic Health Records, HIPAA
Michigan Marijuana Retailers: Data Privacy and Cybersecurity Risks
More than 30 states have legalized medical marijuana and more than 10 have legalized marijuana for recreational use, including Michigan in a 2018 ballot proposal. Marijuana retailers have significant issues to address as the industry and the rules governing it mature over time. Among those issues, retailers should not overlook data privacy and cybersecurity issues. Read More ›
Categories: Cybersecurity, Electronic Health Records, HIPAA
HHS Office for Civil Rights Publishes Checklist for HIPAA Covered Entities Responding to Cybersecurity Incidents
The U.S. Department of Health and Human Service's Office for Civil Rights ("OCR") recently published guidance for entities covered by HIPAA, entitled "My entity just experienced a cyber-attack! What do we do now?" Read More ›
Categories: Cybersecurity, Digital Assets, Electronic Health Records, Fraud & Abuse, HIPAA
Assembling Your Company's Data Breach Response Plan
No matter how carefully, thoughtfully and diligently a company works to prevent it, data breaches happen. Company management, IT teams and outside consultants can do everything right and still end up dealing with a breach. That means that knowing how to best respond when (not if) a breach happens should be part of every company’s data protection strategy.
We recommend that every company assemble a security breach team, consisting of individuals inside and outside of the organization who possess different skill sets. This may include technology officers, as well as staff from IT, human resources, communications, legal departments, outside counsel, and outside vendors. The composition of the team will depend on the type and size of the organization, but each member should be in a position and have skills that enable the organization to quickly and properly respond to an incident. The team must also be equipped, authorized and empowered to evaluate and immediately react to an incident once it has occurred. Read More ›
Categories: HIPAA, News, Privacy, Technology
Filming for TV Show Results in HIPAA Violation and $2.2 Million Settlement Paid by New York Presbyterian Hospital
It’s not uncommon for “covered entities” such as hospitals and health systems to violate the Privacy Rule under the Health Insurance Portability and Protection Act of 1996 (“HIPAA”). A stolen laptop or misplaced file can expose information that should be protected. Rarely, however, does a violation arise from the filming of a television show. But that’s exactly what happened in the case of New York Presbyterian Hospital (“NYP”), which recently entered into a settlement with the Department of Health and Human Services, Office for Civil Rights (“OCR”) for $2.2 million. Read More ›
Categories: HIPAA, Privacy
Into the Breach . . .
Smartphone usage has skyrocketed in the past few years. Physicians are no exception to the trend - with more than 81% of physicians using smartphones. Disturbingly, the number of health data breaches has risen in tandem with increased smartphone usage, and most experts agree that the increase is no coincidence.
Recent reports have indicated that 96% of all health care organizations have experienced at least one data breach during the past two years. Although the report did not detail the number of data breaches attributable to mobile devices, there is agreement that the widespread use of mobile devices is putting patient data at risk. Read More ›
- Entity Planning
- Intellectual Property
- Employee Benefits
- Personal Publicity Rights
- Labor Relations
- Did you Know?
- Chapter 11
- Digital Assets
- Domain Name Registration
- Social Media
- Sales Tax
- Alerts and Updates
- Mergers & Acquisitions
- Trade Secrets
- Entity Selection, Organization & Planning
- Electronic Health Records
- Tax Disputes
- Estate Planning
- Department of Labor
- Fraud & Abuse
- Legislative Updates
- IT Contracts
- Cloud Computing
- Venture Capital/Funding