Articles and Blogs

On January 25, 2013, the Department of Health and Human Services (“HHS”) formally published its Omnibus Final Rule (“Final Rule”), which includes modifications to the HIPAA Privacy and Security Rules under the Health Information Technology for Economic and Clinical Health Act (“HITECH”) and the Genetic Information Nondiscrimination Act (“GINA”).  Because the Final Rule covers... READ MORE

On January 25, 2013, the Department of Health and Human Services (“HHS”) formally published its Omnibus Final Rule (“Final Rule”), which includes modifications to the HIPAA Privacy and Security Rules under the Health Information Technology for Economic and Clinical Health Act (“HITECH”) and the Genetic Information Nondiscrimination Act (“GINA”). Because the Final Rule covers... READ MORE

On January 25, 2013, the Department of Health and Human Services (“HHS”) formally published its Omnibus Final Rule (“Final Rule”), which includes modifications to the HIPAA Privacy and Security Rules under the Health Information Technology for Economic and Clinical Health Act (“HITECH”) and the Genetic Information Nondiscrimination Act (“GINA”). Because the Final Rule covers a... READ MORE

On January 17, 2013, the Department of Health and Human Services (“HHS”) announced the issuance of the final rule (the “Rule”) arising from the Health Information Technology for Economic and Clinical Health Act (“HITECH”).  The Rule is scheduled to be published in the Federal Register on January 25, 2013. READ MORE

Background On November 26, 2012, the Office for Civil Rights (“OCR”) released guidance regarding methods and approaches to achieve de-identification of protected health information (“PHI”) in accordance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  Congress mandated in the American Recovery and Reinvestment Act of 2009 that OCR issue such guidance. READ MORE

On January 2, 2013, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with a hospice provider (“Hospice”) arising from potential violations of the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  HHS learned of the circumstances giving rise to the enforcement action... READ MORE

On September 17, 2012, the Department of Health and Human Services (“HHS”) announced that it had reached an agreement with two health care providers who were operating as a single affiliated covered entity for purposes of HIPAA (collectively referred to as the “Providers”) to settle potential violations of the Security Rule of the Health... READ MORE

On June 26, 2012, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with the Alaska Department of Health and Social Services (“Alaska DHSS”) arising from potential violations of the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  HHS learned of the circumstances... READ MORE

Today, the Office of Management and Budget (“OMB”) announced that it is extending its review of the final regulations arising from the Health Information Technology for Economic and Clinical Health Act (“HITECH”).  Based on regulatory timeframes, these regulations were expected to be released no later than today.  The regulations have been long-awaited and will... READ MORE

The second wave of the HIPAA Security and Privacy Audit Program conducted by the HHS Office for Civil Rights (OCR) is underway.  Linda Sanches, the Lead for HIPAA Compliance Audits for the OCR, provided a detailed update on the Audit Program at the fifth annual Safeguarding Health Information: Building Assurance through HIPAA Security conference... READ MORE