By Matt Fisher – How is HIPAA enforced? That may be a simple enough question, but it also contains more nuance than may initially be expected. Determining how HIPAA is enforced can depend upon how the term enforcement is viewed and interpreted.
Read More
By Art Gross – The Health Insurance Portability and Accountability Act, better known as HIPAA, has been around since 1996, with the intent to protect patients by properly handling their protected health information (PHI).
By Art Gross – Medical Informatics Engineering, Inc. (MIE), a software and electronic medical records service provider has paid the Office for Civil Rights at the U.S. Department of Health and Human Services $100,000 to settle a HIPAA breach from 2015.
By Matt Fisher – The HHS Office for Civil Rights announced another monetary penalty and settlement for the failure of an entity to fully or competently comply with HIPAA requirements. More particularly, the entity in question offers yet another example of the absence of a risk analysis.
By Matt Fisher – After a lull in enforcement actions concerning HIPAA, the Office for Civil Rights re-entered the fray with a $3,000,000 bang. The settlement announced on May 6, 2019, imposes a significant fine after widespread non-compliance was found by OCR.
By Art Gross – The Department of Health and Human Services’ Office for Civil Rights has announced a settlement with Touchstone Medical Imaging for their potential violations of HIPAA Security and Breach Notification Rules.
By David Harlow – Recently, th OCR has released two new issuances touching on HIPAA interpretation and enforcement. On the one hand, the regulated community eagerly awaits and devours these morsels as they are doled out.
By Matt Fisher – An easy to overlook aspect of the HIPAA Privacy Rule is the requirement that all uses and disclosures be of the “minimum necessary” amount of protected health information. That means the least amount of information needed for the intended purpose should be used.
By Matt Fisher – Compliance with HIPAA and the attendant privacy and security requirements is a frequent topic of discussion. Discussions around compliance are driven by the daily reporting of breaches and the probably more than daily issues faced by patients, clinicians and….