All HIPAA articles
-
News Brief
Medical center to pay $80K for Covid-19 patient info shared with media
Saint Joseph’s Medical Center agreed to pay $80,000 as part of a settlement with the Department of Health and Human Services’ Office for Civil Rights for potential violations of the Health Insurance Portability and Accountability Act.
-
News Brief
Medical management company to pay $100K in landmark HHS ransomware case
Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.
-
News Brief
HHS orders L.A. Care to pay $1.3M over apparent HIPAA violations
L.A. Care Health Plan agreed to pay $1.3 million to settle allegations by the U.S. Department of Health and Human Services it potentially violated the Health Information Portability and Accountability Act.
-
News Brief
FTC, HHS warn hospitals over use of online tracking tech
The Federal Trade Commission and Department of Health and Human Services sent letters to approximately 130 hospital systems and telehealth providers regarding potential patient privacy violations and security risks stemming from online tracking technologies.
-
News Brief
HHS creates new enforcement office for health privacy
The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.
-
News Brief
HHS reports: Compliance reviews, health data breaches up
The number of compliance reviews by the Department of Health and Human Services of health organizations increased between 2017 and 2021, according to the agency’s latest reports to Congress.
-
News Brief
Banner Health to pay $1.25M over HIPAA Security Rule lapses
Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.
-
News Brief
GoodRx facing $1.5M fine over improper sharing of health data
GoodRx agreed to pay $1.5 million as part of a settlement reached with the Federal Trade Commission addressing allegations the telemedicine and prescription drug discount provider shared personal health data with third parties for advertising purposes.
-
Article
Dems seek stronger HIPAA privacy for abortion patients
Democratic senators are urging the Department of Health and Human Services to strengthen federal health privacy protections for abortion patients by updating the HIPAA Privacy Rule.
-
Article
Proposed NIST cybersecurity guide incorporates HIPAA Security Rule
The National Institute of Standards and Technology is seeking comment on proposed guidance intended to help healthcare organizations that fall under the regulatory umbrella of the Health Insurance Portability and Accountability Act’s Security Rule.
-
Article
OSHA halts implementation of Biden vaccine policy
The Occupational Safety and Health Administration has suspended implementation and enforcement of its guidance ordering companies with more than 100 employees to develop a COVID-19 vaccine policy by Jan. 4.
-
Webcast
CPE Webcast: Streamlining HIPAA & HITRUST compliance with an alternative reporting approach
Your organization might be using HITRUST to manage multiple compliance initiatives, including HIPAA, NIST and the ISOs. The framework sets up a good set of practices that lend well to various privacy regulations and standards, yet connecting all that data for fast reporting is where most organization’s hit a wall. ...
-
Article
Excellus Health Plan fined $5.1M for 2015 data breach
The U.S. Department of Health and Human Services’ Office for Civil Rights fined Excellus Health Plan $5.1 million for failures relating to a 2015 data breach that exposed the personal information of 9.3 million individuals.
-
Article
Breach costs Premera Blue Cross $6.85M; second-largest HIPAA fine
Premera Blue Cross has agreed to pay $6.85 million in a settlement with the U.S. Department of Health and Human Services regarding a 2014 data breach that affected the personal and health plan information of over 10.4 million people.
-
Article
CCPA, SHIELD Act to take back seat during coronavirus pandemic?
With state attorneys general now fixated on “stay at home” directives amid the coronavirus pandemic, oversight of data privacy regulation may dip. But consumers—and the plaintiffs’ bar—are still watching.
-
Article
GoodRx’s mea culpa: Lessons for internet companies handling personal health data
Telemedicine platform GoodRx has committed to enhancements of its consumer data protection after Consumer Reports called out its sharing practices regarding personal health information.
-
Article
California AG seeks federal data privacy legislation modeled on CCPA
In a letter to Congressional committee leaders, California Attorney General Xavier Becerra suggests any federal data privacy law should still allow states to have parallel enforcement authority as well as their own laws.
-
Article
‘Femtech’ wanders into uncharted regulatory territory
Applications that serve women’s health needs could soon be held to a higher standard of accountability for protecting users’ data if they become classified as “covered entities” under HIPAA.
-
Article
Google, Ascension defend partnership amid federal inquiry
Criticism from lawmakers in addition to a federal inquiry regarding Google’s controversial partnership with Ascension has both the tech giant and the non-profit healthcare provider firing back.
-
Article
How GDPR, CCPA impact healthcare compliance
While most healthcare organizations have pretty much nailed down their data privacy requirements for HIPAA and HITECH, new privacy mandates under the GDPR and CCPA could throw a wrench into the system.