In March 2013, the Second Circuit certified to the New York Court of Appeals the issue of whether a medical corporation may be liable for the unauthorized disclosure of medical information, when the employee responsible for the breach was not a physician and was acting outside the scope of her employment (see post).
Health Privacy Liability Issue Proceeds to NY Court of Appeals
In last week’s decision in Doe v. Guthrie Clinic, Ltd., the Second Circuit Court of Appeals certified to the New York Court of Appeals the issue of whether a medical corporation may be liable for the unauthorized disclosure of medical information, when the employee responsible for the breach was not a physician and was
New Breach Notification Requirements Released
The US Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released final rules on January 17, 2013 governing the privacy and security of protected health information under HIPAA and the HITECH Act. The new rules take effect March 26, 2013; compliance is expected by September 23, 2013. This post will focus