Articles and Blogs

Protected Health Information

Provider Penalized for Failure to Properly Dispose of Patient Information

[08/29/22]

Posted on August 29, 2022 in Health Information Technology, Health Law News

Published by: Hall Render

The United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced a $300,640 settlement and corrective action plan with a dermatology provider over the improper disposal of protected health information (“PHI”). Background In May of 2021, the dermatology provider reported a breach to OCR when empty specimen containers with PHI on... READ MORE

Tags: , , ,

Takeaways from OCR’s Right of Access Initiative: Additional Enforcement Actions Demonstrate Ongoing Risks of Noncompliance

[08/12/22]

Posted on August 12, 2022 in Health Law News

Published by: Hall Render

On July 15, 2022, the Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”) announced its resolution of eleven separate investigations against covered entities for violations of the individual’s right of access under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). OCR’s continued efforts with respect... READ MORE

Tags: , ,

Failure to Timely Provide Records Continues to Pose Significant Risk as Right of Access Initiative Continues

[05/03/22]

Posted on May 3, 2022 in Health Law News

Published by: Hall Render

On March 28, 2022, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced the resolution of two more complaints under its Right of Access Initiative. This brings the total number of cases to 27 since the initiative was first announced in 2019, with financial liability imposed on covered entities... READ MORE

Tags: , , ,

Impermissible Disclosures of PHI Leads to Settlement for Dental Practice

[04/28/22]

Posted on April 28, 2022 in Health Information Technology, Health Law News

Published by: Hall Render

The United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced a settlement with a dental practice (“Practice”) which has agreed to pay $62,500 to settle potential violations of the HIPAA Privacy Rule, as well as to take corrective action after impermissibly disclosing patient PHI to a political campaign manager... READ MORE

Tags: , , ,

OCR Issues Guidance on Health Information Exchanges to Disclose PHI for Public Health Authority Activities

[12/30/20]

Posted on December 30, 2020 in Health Information Technology

Published by: Hall Render

Following a Notice of Enforcement Discretion (“NED”) issued earlier this year (discussed in our previous article here), the Office for Civil Rights (“OCR”) has issued detailed guidance addressing the sharing of protected health information (“PHI”) through health information exchanges (“HIEs”) for public health activities of a public health authority (“PHA”). An HIE enables participants... READ MORE

Tags: , , ,

Today in Washington – May 5, 2020: COVID-19 Updates

[05/05/20]

Posted on May 5, 2020 in COVID-19 Daily Updates, Health Law News

Published by: Hall Render

Tuesday, May 5 Recap Note – ​We believe this is the most up-to-date information available at this time, but it is subject to change ​as circumstances warrant. Also, all finalized resources can be found ​on the COVID-19 ​Resource ​Center page ​of Hall Render’s website.​ CMS Uploads New Medicare 1135 Waiver Document CMS issued a new document... READ MORE

Tags: , , , , , , , ,

Violations of Patient Privacy on Social Media Will Result in HIPAA Fines

[10/04/19]

Posted on October 4, 2019 in Compliance, Health Information Technology

Published by: Hall Render

On October 2, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that a Texas dental practice (“Practice”) will settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) by paying a civil penalty of $10,000 and adopting a corrective action plan. A patient of... READ MORE

Tags: , , ,

AMCA Breach of PHI and PII

[06/07/19]

Posted on June 7, 2019 in Health Information Technology

Published by: Hall Render

American Medical Collection Agency (“AMCA”), a collection agency that works primarily with health care companies, recently announced a breach of protected health information (“PHI”) and personally identifiable information (“PII”) affecting over 19.6 million patients. Quest Diagnostics and LabCorp, both clients of AMCA, have reported that their patients have been impacted by the incident. AMCA... READ MORE

Tags: , , , , ,

Ten Types of Enforcement Actions OCR May Take Directly Against Business Associates

[06/04/19]

Posted on June 4, 2019 in Health Information Technology

Published by: Hall Render

The Office for Civil Rights (“OCR”) issued a factsheet detailing ten ways a business associate can be held directly liable for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as provided by the Health Information Technology for Economic Clinical Health (“HITECH”) Act of 2009. Although covered entities are ultimately responsible... READ MORE

Tags: , , , ,

Hospitals Fined for Allowing Documentary Film Crews to Film Patients Without Consent

[09/24/18]

Posted on September 24, 2018 in Health Information Technology

Published by: Hall Render

The Department of Health and Human Services Office for Civil Rights (“OCR”) fined three separate hospitals a cumulative total of $999,000 to settle potential violations of HIPAA arising from allowing film crews on premises to film a reality television show without first obtaining patient authorizations. The OCR Resolution Agreement can be found here. Generally, a... READ MORE

Tags: , , , ,