Office for Civil Rights

The Office for Civil Rights at the U.S. Department of Health and Human Services issued a Bulletin on sharing and protecting patients’ protected health information during the COVID-19 national emergency. The Bulletin emphasizes that HIPAA-covered entities may use or disclose patients’ PHI when necessary to treat a patient, to protect the nation’s public health and for other critical purposes.
Continue Reading

The District Court for the District of Columbia recently invalidated certain Department of Health and Human Services (“HHS”) rules regarding an individual’s access to their protected health information (“PHI”). The Court held that: (1) individuals can only direct their electronic PHI to third parties (and not hard copy PHI); and (2) the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Omnibus Rule provisions regarding the caps on fees that HIPAA-covered entities may charge for such requests did not follow relevant administrative law procedures.
Continue Reading