Articles and Blogs

On November 7, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that a Texas state agency (“State Agency”) will pay a penalty of $1,600,000 for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and Security Rule. According to the Notice of... READ MORE

On November 5, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that a New York Medical Center (“Medical Center”) will settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) by paying a civil penalty of $3 million and entering into a Corrective Action... READ MORE

On October 23, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil monetary penalty (“CMP”) of $2,154,000 against a nonprofit academic health system (“Health System”) for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The Notice of Proposed Determination and the Notice of... READ MORE

On October 2, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that a Texas dental practice (“Practice”) will settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) by paying a civil penalty of $10,000 and adopting a corrective action plan. A patient of... READ MORE

Recently, there has been increased indication that patients, attorneys and the government are fed up with the fees that are being charged by providers when patients request access to or copies of their medical records. Providers who do not understand the type of request being made and the applicable fee rules that apply under... READ MORE

Citing its “Right of Access Initiative,” on September 9, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that a hospital in Florida (the “Hospital”) will settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) by paying a civil penalty of $85,000 and adopting a corrective... READ MORE

On August 26, 2019, the Substance Abuse and Mental Health Services Administration (“SAMHSA”) issued two Notices of Proposed Rulemaking (“NPRM”) proposing changes to the Confidentiality of Substance Use Disorder Patient Records at Title 42 of the Code of Federal Regulations, Part 2 (“Part 2”). Part 2 is a federal privacy law that protects substance... READ MORE

Senate Health Committee Releases Sweeping Health Cost Legislation On June 18, the Senate Health, Education, Labor, and Pensions (“HELP”) Committee released bipartisan legislation designed to address the cost of health care bipartisan health cost legislation after collecting extensive stakeholder feedback. The Committee will mark up this legislation next week on June 26. There are... READ MORE

American Medical Collection Agency (“AMCA”), a collection agency that works primarily with health care companies, recently announced a breach of protected health information (“PHI”) and personally identifiable information (“PII”) affecting over 19.6 million patients. Quest Diagnostics and LabCorp, both clients of AMCA, have reported that their patients have been impacted by the incident. AMCA... READ MORE

The Office for Civil Rights (“OCR”) issued a factsheet detailing ten ways a business associate can be held directly liable for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as provided by the Health Information Technology for Economic Clinical Health (“HITECH”) Act of 2009. Although covered entities are ultimately responsible... READ MORE