(By accessing, browsing or using the pages below, you agree to the Blog Conditions of Use/Disclaimer available under "Links.")
Last month, the US Court of Appeals for the Fifth Circuit issued a ruling vacating a $4.3 million dollar civil monetary penalty against the University of Texas MD Anderson Cancer Center by the US Department for Health and Human Services for alleged violations of the HIPAA Privacy and Security Rules. READ MORE
As more health care entities implement population health and care coordination initiatives, questions arise concerning the application of HIPAA to such efforts. Although HIPAA applies to protected health information used and shared by covered entities in connection with population health activities, in many circumstances HIPAA permits the use and sharing of such PHI without patient authorization or business associate agreements. READ MORE
The HHS Office for Civil Rights has issued a new fact sheet addressing direct liability of business associates for violations of HIPAA Rules. The fact sheet serves as a reminder that business associates have direct liability under HIPAA and are subject to enforcement for Rule violations. READ MORE
Per the HIPAA Breach Notification Rule, organizations that discovered a HIPAA breach in 2018 that affected fewer than 500 people have until March 1 to report the breach to the Office for Civil Rights. Organizations with more than one breach are required to complete a report for each incident. READ MORE
The latest cybersecurity guidelines published by the Department of Health and Human Services, developed in response to a mandate of the Cybersecurity Act of 2015, provide healthcare organizations of all types and sizes with information on cybersecurity practices. READ MORE
The Office of Civil Rights has asked for public input how the agency might modify the HIPAA Privacy, Security and Breach Notification Rules in a Request for Information. The 50 questions in the RFI reveals notable insights for the OCR’s future plans to improve care coordination and reduce regulatory burdens. READ MORE
As the opioid crisis continues, the Department of Health and Human Services has provided information to help health care providers know what they can and cannot disclose to concerned family members trying to help addicted loved ones. READ MORE
Covered entities that discovered small-scale HIPAA breaches during calendar year 2017 must file notice of such breaches with the Office of Civil Rights by March 1, 2018. READ MORE
Once mainly focused on large data breaches affecting 500 or more individuals, the OCR now intends to increase HIPAA enforcement actions on smaller breaches of unprotected protected health information. READ MORE
The OCR indicated that based on its enforcement experience, many individuals are having difficulties obtaining such access even as technology evolves, and new treatments make it important for individuals to have ready access to their PHI. READ MORE
Two recent HIPAA settlements remind organizations subject to HIPAA of the importance of having a robust HIPAA privacy and security compliance program in place. READ MORE
On Oct. 27, 2015, the Annual Meeting of the Illinois Association of Healthcare Attorneys was held at Navy Pier in Chicago. Hundreds of health care attorneys attended, including several from Thompson Coburn. The symposium was loaded with high-quality and insightful sessions, and our attorneys identified the following highlights READ MORE
The HIPAA Omnibus Rule, enacted last year, made a number of changes to the HIPAA privacy, security and breach notification rules. Some of these changes affected business associate provisions of the HIPAA privacy and security rules. READ MORE
NOTICE.
Although we would like to hear from you, we cannot represent you until we know that
doing so will not create a conflict of interest. Also, we cannot treat unsolicited
information as confidential. Accordingly, please do not send us any information
about any matter that may involve you until you receive a written statement from
us that we represent you (an ‘engagement letter’).
By clicking the ‘ACCEPT’ button, you agree that we may review any information you transmit to us. You recognize that our review of your information, even if you submitted it in a good faith effort to retain us, and, further, even if you consider it confidential, does not preclude us from representing another client directly adverse to you, even in a matter where that information could and will be used against you. Please click the ‘ACCEPT’ button if you understand and accept the foregoing statement and wish to proceed.
