Following a recent U.S. government interagency report indicating that, on average, there has been an alarming 300 percent spike in daily ransomware attacks since early 2016 as compared with 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released new Health Insurance Portability and Accountability Act (“HIPAA”) guidance on … Continue Reading
By Jennifer Pike and Brad Rostolsky on Posted in Privacy & HIPAA
In a joint effort by the Federal Trade Commission (FTC), Office for Civil Rights (OCR), HHS Office of National Coordinator for Health Information Technology (ONC), and Food and Drug Administration (FDA), a new web-based tool has been released that is designed to help developers of mobile health apps understand the multitude of federal laws and … Continue Reading
More than three years after the Cancer Care Group, P.C. (“CCG”) notified the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) of a breach of unsecured electronic protected health information (“ePHI”), the radiation oncology private practice settled and implemented a corrective action plan (“CAP”) with OCR for $750,000. This settlement … Continue Reading
On September 26, 2011, the U.S. Department of Health and Human Services (“HHS”) issued new regulations governing the disclosure by faculty members and research staff of significant financial interests related to certain federal grants, and the reporting of “financial conflicts of interest” to certain federal agencies by colleges and universities that receive funding for Public … Continue Reading
The Health Information Privacy page of the U.S. Department of Health and Human Services (HHS) website has formally announced that regulations implementing the privacy and security provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act will soon be published (along with a comment period) relating to (1) business associate liability; (2) new limitations on the sale of protected health information, marketing and fundraising communications; and (3) stronger individual rights to access electronic medical records and restrict the disclosure of certain information. Although this posting is certainly welcome news, from a timing perspective the announcement only indicates that "OCR continues work on a Notice of Proposed Rulemaking (NPRM) regarding these provisions."… Continue Reading
On January 29, 2010, the U.S. Departments of Labor, Health and Human Services and the Treasury jointly issued interim final regulations implementing the Paul Wellstone and Pete Domenici Mental Health Parity and Addiction Equity Act of 2008 ("MHPAEA"). The MHPAEA, as implemented by the interim final regulations, greatly expands the parity standards of its predecessor, the Mental Health Parity Act of 1996 ("MHPA 1996").… Continue Reading