All HHS articles

  • HHS
    News Brief

    HHS teases policy changes stemming from cyber resiliency analysis


    Some U.S. hospitals are falling short in protecting themselves from cyberattacks, with 29 percent of facilities recently surveyed lacking a documented GRC system, a new report from the Department of Health and Human Services found.

  • HHS building
    News Brief

    HHS creates new enforcement office for health privacy


    The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.

  • HHS

    HHS proposal aims to ‘shine a light’ on nursing home ownership


    It is still too early in the rulemaking process to know what will be included in the Biden administration’s final rule on transparency of nursing home ownership, but there are some steps facilities can take to prepare, according to experts.

  • Health data
    News Brief

    HHS reports: Compliance reviews, health data breaches up


    The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.

  • HHS building
    News Brief

    Banner Health to pay $1.25M over HIPAA Security Rule lapses


    Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.

  • HHS building

    Dems seek stronger HIPAA privacy for abortion patients


    Democratic senators are urging the Department of Health and Human Services to strengthen federal health privacy protections for abortion patients by updating the HIPAA Privacy Rule.

  • Health records

    Breach costs Premera Blue Cross $6.85M; second-largest HIPAA fine


    Premera Blue Cross has agreed to pay $6.85 million in a settlement with the U.S. Department of Health and Human Services regarding a 2014 data breach that affected the personal and health plan information of over 10.4 million people.

  • Coronavirus fraud

    U.S. regulators boast coordination in addressing coronavirus fraud


    Testimony provided by several agencies before a U.S. Senate Judiciary Committee hearing offers valuable insights for chief compliance and risk officers regarding where coronavirus fraud threats may lurk, especially in the financial services and healthcare sectors.

  • Blog

    FDA rule for mandatory nutrition labels goes into effect


    The Food and Drug Administration has chosen not to block or further delay the May 7 compliance date for requirements that restaurants, supermarkets, convenience stores, and movie theaters list calorie information on all menus and menu boards.

  • Blog

    Ellison questions HHS hire from CVS Caremark.


    Rep. Keith Ellison (D-Minn.) is asking Department of Health and Human Services Secretary Alex Azar for an explanation of the decision to hire CVS Caremark Vice President Daniel Best to lead the agency’s drug pricing reform effort.

  • Blog

    President Trump announces new nominees for key posts


    President Donald Trump has announced the nominations of several new agency officials, including a new Comptroller of the Currency and assistant attorney general for the Justice Department.

  • Blog

    Business associate to pay $650K for HIPAA violation


    The Department of Health and Human Services reached its first-ever enforcement action with a “business associate” of a HIPAA-covered entity. Compliance officers in the healthcare industry looking to minimize risk of future HIPAA violations will want to take a look at the resulting corrective action plan for lessons learned. Jaclyn ...

  • Article

    Compliance lessons in the healthcare sector


    When enforcement actions against healthcare or life sciences companies arise, many choose to settle their cases prior to litigation, often resulting in a corporate integrity agreement with the Department of Health and Human Services Office of Inspector General. By carefully scrutinizing these agreements, compliance and audit teams in the healthcare ...

  • Article

    Managing Cyber-Risk in the Healthcare Industry


    Image: Recent high-profile data breaches at several major healthcare providers have jolted the industry, which is trying to piece together better ways to manage the risks. “As opposed to an organization trying to invest more money in firewalls or other types of technical solutions to protect against an intrusion, at ...