The Department of Health and Human Services Office for Civil Rights recently announced that it intends to survey up to 1,200 covered entities and business associates to determine their suitability for a more fulsome HIPAA compliance audit.
Continue Reading

On December 31, 2013, the Federal Trade Commission announced that Accretive Health, Inc. has agreed to settle charges that the company’s inadequate data security measures unfairly exposed sensitive consumer information to the risk of theft or misuse. Accretive experienced a breach in July 2011 that involved the protected health information of more than 23,000 patients.
Continue Reading

On January 17, 2013, the Department of Health and Human Services’ Office for Civil Rights released its long-anticipated megarule amending the HIPAA Privacy, Security, Breach Notification and Enforcement Rules. This blog post highlights some of the more significant aspects of the Omnibus Rule and provides critical compliance tips.
Continue Reading