HITECH

OCR’s First Settlement with a Business Associate for HIPAA Violations

Posted on July 15, 2016

Posted in HIPAA and Privacy, Information Technology and EMR, Regulatory Issues

Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) is the first business associate to be held directly liable for violations under the HIPAA rules. CHCS provided management and information technology services to six nursing homes. According to the OCR Resolution Agreement, OCR received separate notifications from each of the six nursing homes regarding a breach of unsecured…
Continue Reading OCR’s First Settlement with a Business Associate for HIPAA Violations

Medical Corporation Not Liable For Employee’s Disclosure Of Confidential Medical Information

By Kevin P. Mulry on January 13, 2014

Posted in Audit and Compliance, Compensation and Employment, Corporate and Business, HIPAA and Privacy, Litigation, Physicians and Other Licensed Professionals

In March 2013, the Second Circuit certified to the New York Court of Appeals the issue of whether a medical corporation may be liable for the unauthorized disclosure of medical information, when the employee responsible for the breach was not a physician and was acting outside the scope of her employment (see post). In Doe v. Guthrie,…
Continue Reading Medical Corporation Not Liable For Employee’s Disclosure Of Confidential Medical Information

Photocopiers and HIPAA – Health Plan Settles with HHS for $1.2 Million

Posted on August 15, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Hospitals and Health Care Facilities, Information Technology and EMR, Insurance and Managed Care, Long Term Care, Home Health and DME, Physicians and Other Licensed Professionals, Regulatory Issues

Is your office photocopy machine a HIPAA time-bomb? Affinity Health Plan recently learned that the answer is yes, to the tune of a $1.2 million settlement with the US Department of Health and Human Services Office for Civil Rights (OCR). Affinity is a not-for-profit managed care organization which includes one of the New York metropolitan area’s largest Medicaid managed care…
Continue Reading Photocopiers and HIPAA – Health Plan Settles with HHS for $1.2 Million

Feds to Offer Free HIPAA Compliance Webinars

Posted on May 20, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Hospitals and Health Care Facilities, Long Term Care, Home Health and DME, Physicians and Other Licensed Professionals, Regulatory Issues

The Office for Civil Rights of the US Department of Health and Human Services, in conjunction with the Workgroup for Electronic Data Interchange (“WEDI”), has announced a series of four free webinars on compliance with the latest Omnibus HIPAA/HITECH final rule, which implements significant changes in the requirements imposed upon health care organizations, providers, and their business associates. Final compliance…

Continue Reading Feds to Offer Free HIPAA Compliance Webinars

Health Privacy Liability Issue Proceeds to NY Court of Appeals

By Kevin P. Mulry on April 1, 2013

Posted in Audit and Compliance, Compensation and Employment, Corporate and Business, HIPAA and Privacy, Litigation, Physicians and Other Licensed Professionals

In last week’s decision in Doe v. Guthrie Clinic, Ltd., the Second Circuit Court of Appeals certified to the New York Court of Appeals the issue of whether a medical corporation may be liable for the unauthorized disclosure of medical information, when the employee responsible for the breach was not a physician and was acting outside the scope of…

Continue Reading Health Privacy Liability Issue Proceeds to NY Court of Appeals

New Breach Notification Requirements Released

Posted on January 25, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Regulatory Issues

The US Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released final rules on January 17, 2013 governing the privacy and security of protected health information under HIPAA and the HITECH Act. The new rules take effect March 26, 2013; compliance is expected by September 23, 2013. This post will focus on the changes to the…

Continue Reading New Breach Notification Requirements Released

First HHS Settlement for Small HIPAA Breach

Posted on January 3, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Hospitals and Health Care Facilities, Information Technology and EMR, Long Term Care, Home Health and DME, Physicians and Other Licensed Professionals

On January 2, 2013, the US Department of Health and Human Services announced a $50,000 settlement with Hospice of North Idaho for a data breach involving the theft of a lost, unencrypted laptop computer containing the health information of 441 patients.

This settlement is the first for a reported breach affecting fewer than 500 individuals. HHS Office of Civil Rights…

Continue Reading First HHS Settlement for Small HIPAA Breach

Electronic Health Records Come Under OIG Scrutiny

By Farrell Fritz P.C. on October 26, 2012

Posted in Audit and Compliance, Hospitals and Health Care Facilities, Information Technology and EMR, Physicians and Other Licensed Professionals

The Health Information Technology for Economic and Clinical Health Act (the “HITECH”) Act of 2009 aims to have all hospitals and physicians use electronic health records (“EHRs”) for all persons in the United States by 2014. Federal and State financial incentives, electronic billing requirements, and the need for ever-increasing collaboration and sharing of information among providers have lead to a…

Continue Reading Electronic Health Records Come Under OIG Scrutiny

Feds Release HIPAA Audit Protocol

Posted on July 19, 2012

The US Department of Health and Human Services Office of Civil Rights (“OCR”) recently released its HIPAA audit protocol. Audits of HIPAA compliance were mandated by the 2009 Health Information Technology for Economic and Clinical Health (“HITECH”) Act, which amended many parts of HIPAA and included breach notification requirements.

The OCR conducted a number of pilot audits of compliance with…
Continue Reading Feds Release HIPAA Audit Protocol

MENU

New York Health Law