-
At a recent HIPAA seminar, the Office of Civil Rights (OCR) identified that they are evaluating HIPAA audit models. The present model requests certain records, reviews, cites errors/omissions and calls for corrective action. Privacy and security of Protected...
Posted to
News
by
Select Data
on
Mon, Apr 22 2013
Filed under:
Filed under: hipaa, electronic medical record, Home Health, Select Data, OCR, Office of Civil Rights, HIPPA, PHI, HIPPA HITECH, Patient Health Information, Audits
-
Compliance officers were awaiting the Office of Civil Rights (OCR) final rules on Breach Notification, Enforcement, and the modification to Privacy and Security Rules of HIPAA HITECH. Now that we have the regulations, it is time to review the basics in...
Posted to
News
by
Select Data
on
Mon, Apr 22 2013
Filed under:
Filed under: Home Health, Select Data, Compliance, OCR, Office of Civil Rights, HIPPA, PHI, HIPPA HITECH, personal health information, Corporate Compliance
-
In a sign that HHS is serious about small data breaches, the Office of Civil Rights (OCR) and The Hospice of North Idaho reached a settlement agreement to resolve allegations of a 2010 breach involving 441 patient records. OCR Director Leon Rodriguez reminded the industry that every covered entity, regardless...
Posted to
News
by
Health IT Law Blog
on
Thu, Jan 3 2013
Filed under:
Filed under: news, hipaa, HITECH, ARRA, data security, Articles, ED, OCR, HHS, Security, Patient records, Health Insurance Portability and Accountability Act, HITECH Act, Act, Privacy & Security, breach, data breach, American recovery and reinvestment act, Hospice, encryption, mobile device, mobile device security, HIPAA Security Rule, Idaho, U.S. Department of Health and Human Services, settlement, Higher, Higher Ed, records, ePHI, encrypt, computer security, Health Information Technology for Economic and Clinical Health Breach Notification Rule, impermissible use, HHS Office for Civil Rights, small scale, resolution agreement, electronic protected health information, settlement agreement, risk analysis, Health Information Technology for Economic and Clinical Health, Health Breach Notification Rule, civil penalty, HONI, Hospice of North Idaho, Covered Entities
-
No Just two and a half years after hosting a workshop on the HIPAA Privacy Rule's de-identification standard, the Office for Civil Rights (OCR) has issued its " Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability...
-
Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates (MEEI) will be paying HHS $1.5 million in installments over three years for a 2010 incident. While the most recent settlement of a similar size was for a data breach involving over a million EHRs, the MEEI data breach involved...
Posted to
News
by
Health IT Law Blog
on
Mon, Oct 1 2012
Filed under:
Filed under: news, Medical Records, hipaa, EHR, HITECH, ARRA, electronic health records, electronic medical records, data security, Articles, ED, OCR, Massachusetts, HHS, Security, HITECH Act, Legal, Act, Privacy & Security, privacy, data breach, American recovery and reinvestment act, encryption, risk, settlement, Higher, Higher Ed, EHR breach, Office for Civil Rights, medical practice, electronic files, patient confidentiality, patient privacy, U.S. Dept. of Health and Human Services, portable device
-
Posted to
News
by
The Doctor Weighs In
on
Sat, Sep 29 2012
Filed under:
Filed under: hipaa, HITECH, Physicians, penalties, Compliance, Institute for Health Technology Transformation, hospitals, OCR, Patient Safety, Health reform, Politics, People in healthcare, Sharp HealthCare, Health care professionals, Kaiser Permanente, Technology in healthcare, wireless health, encryption, Payment, Ponemon Institute, Health care & health policy, Politics & public policy, Change Management, awareness, MemorialCare Health System, non-compliance, iHT2, Medical Ethics, Office for Civil Rights, risk management, legal advice, hold harmless provisions, contractual protections, health information breaches, paper tiger compliance, inevitability of paying, budgeting, identity restoration, “Accessing Health Data: Striking a Balance Between Security & Usability”, CNA, Cignet Health, Mass General, risk-shifting provisions, settlements, breaches, electronic records, indemnity, civil penalties, financial ability to meet commitment, breach mediation standards, Oregon Medical Association, new enforcement environment, access to medical records, hospital data breaches, attorney fees, Queens Family Clinics, credit monitoring, expensive, Business Associate Agreements, cyber-insurance, health care sector, mandatory penalties for willful neglect, consumer privacy regulation
-
Health records of over seven percent of the U.S. population – almost 21 million individuals – have been breached in the past three years, according to OCR. Although it may be somewhat of an apples-to-oranges comparison, it is worth noting that outside the health care arena it is not uncommon...
Posted to
News
by
Health IT Law Blog
on
Mon, Aug 13 2012
Filed under:
Filed under: news, Medical Records, hipaa, HITECH, ARRA, Articles, ED, OCR, HITECH Act, Act, Privacy & Security, American recovery and reinvestment act, Higher, Higher Ed, EHR breach, Privacy Policy, Office for Civil Rights
-
Health records of over seven percent of the U.S. population – almost 21 million individuals – have been breached in the past three years, according to OCR. Although it may be somewhat of an apples-to-oranges comparison, it is worth noting that outside the health care arena it is not uncommon...
Posted to
News
by
Health IT Law Blog
on
Mon, Aug 13 2012
Filed under:
Filed under: news, Medical Records, hipaa, HITECH, ARRA, Articles, ED, OCR, HITECH Act, Act, Privacy & Security, American recovery and reinvestment act, Higher, Higher Ed, EHR breach, Privacy Policy, Office for Civil Rights
-
The ONC’s Office of the Chief Privacy Officer (OCPO) has published a "Guide to Privacy and Security of Health Information” intended to help healthcare practitioners and their staffs better understand the roles of privacy and security in the meaningful use of electronic health records...
Posted to
News
by
Health IT Law Blog
on
Wed, May 23 2012
Filed under:
Filed under: news, hipaa, Meaningful Use, HITECH, Articles, OCR, HHS, Security, HITECH Act, Act, Privacy & Security, privacy, MU, guide, and, OCPO
-
On April 17, 2012, HHS announced that its Office for Civil Rights (OCR) settled a HIPAA violation case against a surgery practice in Arizona, for $100,000 and a Corrective Action Plan (CAP), which requires implementation of policies and procedures to prevent such HIPAA violations and breaches in the...
Posted to
News
by
Health IT Law Blog
on
Wed, Apr 18 2012
Filed under:
Filed under: news, hipaa, Articles, Privacy and Security, OCR, HHS, HITECH Act, Privacy & Security, Rule, breach, CAP
-
The HITECH Act called for stepped-up HIPAA privacy and security and breach notification rule enforcement with respect to covered entities and business associates, to be accomplished by spot-check audits. This month, the first 20 of a planned 150 audit subjects will be getting notices from the U.S. Department...
-
A survey by Veriphyr, a provider of identity and access intelligence solutions, found that insiders were responsible for over 60% of data breaches of protected health information (PHI). Specifically, 35% of the PHI breaches were due to insiders snooping into medical records of fellow employees, and 27...
Posted to
News
by
Health IT Law Blog
on
Wed, Sep 7 2011
Filed under:
Filed under: news, hipaa, HITECH, Articles, OCR, HHS, Privacy & Security, breach, report, insider, notification, data, PHI
-
Anyone who doubts the complexity of the HIT transition should talk to a lawyer. That’s our take, at least, based on the news coming out of this week’s AHIMA's 2011 Legal EHR Summit in Chicago. read more Read More...
-
We recently highlighted the debate between policymakers and healthcare providers over how best to provide patients with reports detailing who has accessed their health records. read more Read More...
-
The University of California at Los Angeles Health System (UCLAHS) has settled claims that it violated HIPAA privacy and security rules. The settlement stemmed from two complaints filed by celebrity patients between 2005 and 2008. The Department of Health and Human Services Office for Civil Rights’ ...
Posted to
News
by
The Voyager - Helping Physicians Navigate The Healthcare Industry
on
Sun, Jul 17 2011
Filed under:
Filed under: Medicare, hipaa, CMS, Medicaid, Health care, OCR, Centers for Medicare & Medicaid (CMS), health system, UCLAHS, HIPAA claims