Articles and Blogs

The United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced a $300,640 settlement and corrective action plan with a dermatology provider over the improper disposal of protected health information (“PHI”). Background In May of 2021, the dermatology provider reported a breach to OCR when empty specimen containers with PHI on... READ MORE

On July 15, 2022, the Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”) announced its resolution of eleven separate investigations against covered entities for violations of the individual’s right of access under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). OCR’s continued efforts with respect... READ MORE

On March 28, 2022, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced the resolution of two more complaints under its Right of Access Initiative. This brings the total number of cases to 27 since the initiative was first announced in 2019, with financial liability imposed on covered entities... READ MORE

The United States Department of Health and Human Services Office for Civil Rights (“OCR”) announced a settlement with a dental practice (“Practice”) which has agreed to pay $62,500 to settle potential violations of the HIPAA Privacy Rule, as well as to take corrective action after impermissibly disclosing patient PHI to a political campaign manager... READ MORE

Following a Notice of Enforcement Discretion (“NED”) issued earlier this year (discussed in our previous article here), the Office for Civil Rights (“OCR”) has issued detailed guidance addressing the sharing of protected health information (“PHI”) through health information exchanges (“HIEs”) for public health activities of a public health authority (“PHA”). An HIE enables participants... READ MORE

Tuesday, May 5 Recap Note – ​We believe this is the most up-to-date information available at this time, but it is subject to change ​as circumstances warrant. Also, all finalized resources can be found ​on the COVID-19 ​Resource ​Center page ​of Hall Render’s website.​ CMS Uploads New Medicare 1135 Waiver Document CMS issued a new document... READ MORE

On October 2, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that a Texas dental practice (“Practice”) will settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) by paying a civil penalty of $10,000 and adopting a corrective action plan. A patient of... READ MORE

American Medical Collection Agency (“AMCA”), a collection agency that works primarily with health care companies, recently announced a breach of protected health information (“PHI”) and personally identifiable information (“PII”) affecting over 19.6 million patients. Quest Diagnostics and LabCorp, both clients of AMCA, have reported that their patients have been impacted by the incident. AMCA... READ MORE

The Office for Civil Rights (“OCR”) issued a factsheet detailing ten ways a business associate can be held directly liable for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as provided by the Health Information Technology for Economic Clinical Health (“HITECH”) Act of 2009. Although covered entities are ultimately responsible... READ MORE

The Department of Health and Human Services Office for Civil Rights (“OCR”) fined three separate hospitals a cumulative total of $999,000 to settle potential violations of HIPAA arising from allowing film crews on premises to film a reality television show without first obtaining patient authorizations. The OCR Resolution Agreement can be found here. Generally, a... READ MORE