On April 26, 2019, the U.S. Department of Health and Human Services reduced the available penalties for three out of the four tiers of privacy and security violations set forth in the HITECH Act. This blog entry provides an overview of the reductions.
Continue Reading Federal Government Reduces Maximum Annual Penalties for Most Healthcare Privacy Violations
HITECH Act
CCPA Amended: Enforcement Delayed, Few Substantive Changes Made
On August 31, 2018, the California State Legislature passed SB-1121, a bill that delays enforcement of the California Consumer Privacy Act of 2018 and makes other modest amendments to the CCPA. The CCPA introduces key privacy requirements for businesses and its provisions will become operative on January 1, 2020.
Continue Reading CCPA Amended: Enforcement Delayed, Few Substantive Changes Made
HHS Publishes Advance Notices of Proposed Rulemaking on Accounting of Disclosures and Civil Monetary Penalties
The Department of Health and Human Services recently published two advance notices of proposed rulemaking that address accounting of disclosures and the potential distribution of civil monetary penalties to affected individuals. …
Continue Reading HHS Publishes Advance Notices of Proposed Rulemaking on Accounting of Disclosures and Civil Monetary Penalties
Health Insurer Reaches Privacy Settlement with New Jersey Division of Consumer Affairs
On February 17, 2017, Horizon Blue Cross Blue Shield of New Jersey agreed to pay 1.1 million dollars as part of a settlement with the New Jersey Division of Consumer Affairs regarding allegations that Horizon did not adequately protect the privacy of nearly 690,000 policyholders. …
Continue Reading Health Insurer Reaches Privacy Settlement with New Jersey Division of Consumer Affairs
House of Representatives Passes Bill to Permit Broader Use and Disclosure of Protected Health Information for Research Purposes
On July 10, 2015, the House of Representatives passed the 21st Century Cures Act, which is intended to ease restrictions on the use and disclosure of protected health information for research purposes.
Continue Reading House of Representatives Passes Bill to Permit Broader Use and Disclosure of Protected Health Information for Research Purposes
HHS Announces Pre-Audit HIPAA Surveys
The Department of Health and Human Services Office for Civil Rights recently announced that it intends to survey up to 1,200 covered entities and business associates to determine their suitability for a more fulsome HIPAA compliance audit.
Continue Reading HHS Announces Pre-Audit HIPAA Surveys
FTC Reaches Settlement with Accretive Health
On December 31, 2013, the Federal Trade Commission announced that Accretive Health, Inc. has agreed to settle charges that the company’s inadequate data security measures unfairly exposed sensitive consumer information to the risk of theft or misuse. Accretive experienced a breach in July 2011 that involved the protected health information of more than 23,000 patients.
Continue Reading FTC Reaches Settlement with Accretive Health
HHS Announces Settlement with Idaho State University
On May 21, 2013, the Department of Health and Human Services announced a resolution agreement and settlement with Idaho State University for a breach that affected 17,500 individuals.
Continue Reading HHS Announces Settlement with Idaho State University
Business Associate Compliance with the New HIPAA Rules
In an article published this month, Hunton & Williams privacy lawyers Lisa Sotto, Ryan Logan and Melinda McLellan discuss how the newly-adopted HIPAA omnibus rule will impact business associates in the records and information management industry.
Continue Reading Business Associate Compliance with the New HIPAA Rules
New HIPAA Omnibus Rule: A Compliance Guide
On January 17, 2013, the Department of Health and Human Services’ Office for Civil Rights released its long-anticipated megarule amending the HIPAA Privacy, Security, Breach Notification and Enforcement Rules. This blog post highlights some of the more significant aspects of the Omnibus Rule and provides critical compliance tips.
Continue Reading New HIPAA Omnibus Rule: A Compliance Guide